With OpenID Connect (OIDC), clients can authenticate users or applications through an Authorization Server, ensuring secure interaction with third-party apps such as cloud providers. Though env0 supports OIDC and has special claims for authentication control, there were some limitations in using it with AWS. We have now integrated AWS with additional claims, allowing you to grant deployment-specific access to your AWS account.

Creating a workflow is a great way to have a deployment of your infrastructure and create dependencies between different parts of your infrastructure, allowing you to easily manage your infrastructure as you scale. However, you may want to have different variables and settings for each part, so today you can do it when creating or deploying a new Workflow. Now we have two new enhancements when working with Workflow environments.

env0's bulk operations feature is designed to simplify your workflow as your organization grows and your projects expand to multiple environments. With bulk operations, you can perform actions simultaneously on numerous environments, saving time and effort.

With env0's current RBAC granularity, you could manage users or teams, and structure their permissions by associating roles on a given project. Now you will be able to assign those roles to a specific environment, without giving extra permissions to a whole project. This enhancement could give you a better way to depict your organization's needs allowing you to have better permissions granularity.

With env0's Sub Projects feature you could structure your projects in a way that better depicts your organization's needs allowing you to have better granularity. Now you will be able to edit this hierarchy and granularity with the ability to move projects to a different project or a sub-project.

Have you taken the env0 Remote Backend Terraform for a spin? You would probably want all of your project's Terraform environments to be created with the env0 remote backend. Now you can! Introducing our brand new project-level Force env0 Remote Backend policy that lets you enforce the use of the env0 remote backend throughout your project.

Plugins are a great way to integrate 3rd party tools with env0.
We encourage you to build your public plugin hosted on a public repo and also submit your plugin to our, ever-growing public, community-maintained plugins list.

As more and more organizations adopt Infrastructure as Code, managing third-party providers has become a critical challenge. While the open-source community has created an enormous variety of providers, many enterprises have unique requirements that require custom-built providers or specialized third-party solutions.
That’s where env0's new Private Provider Registry feature comes in. With it, you can easily manage your Terraform providers privately across your organization.

When working with Terraform, it's common to need access to the state of a remote backend environment. However, since this state can contain sensitive information, it's crucial to restrict access to prevent misuse.

With env0, you can restrict the permissions of your organization's users through role-based access controls. You also have the ability to trigger Plan and Apply directly from your PR, however, one drawback is that the VCS provider sets your user's permissions. By default, anyone with comment permission on your repository can run a Plan or an Apply on your environments.