## New Features

- Use usernames in authorization policies with `${a2:username}` in resources. 
For example, _local users_ can **read**, **update**, and **delete** their own Chef Automate user records using the API. The policy allowing this is (abbreviated):

  ```json
  {
    "id": "f9eb8c5a-3b8b-4695-ae39-ca434237f69b",
    "action": "*",
    "subjects": ["user:local:*"],
    "resource": "auth:users:${a2:username}"
  }
  ```

## Improvements

- You'll see improved performance ingesting Chef Client Runs because we improved the message handling in the Automate-Gateway.