## Secrets Manager Integration ### Improved Azure Key Vault Support The beta secrets manager helper now supports Azure Key Vault on VMs with multiple User Assigned Managed Identities. You can now specify an identity with the `client_id`, `object_id`, and `mi_res_id` options. The default is the system-assigned identity, which is the same as in past releases. If you omit an option, the secrets manager uses the system-assigned identity. See the [Azure docs](https://docs.microsoft.com/en-us/azure/app-service/overview-managed-identity?tabs=dotnet#using-the-rest-protocol) for more information. **Fetching Secret Using Specified `client_id`** ```ruby secret(name: "test3", service: :azure_key_vault, config: { client_id: "3fc5c05e-604c-44ef-b27b-36da9d78c470" }) ``` **Fetching Secret Using Specified `object_id`** ```ruby secret(name: "test3", service: :azure_key_vault, config: { object_id: "3fc5c05e-604c-44ef-b27b-36da9d78c470" }) ``` **Fetching Secret Using Specified `mi_res_id`** ```ruby secret(name: "test3", service: :azure_key_vault, config: { mi_res_id: "3fc5c05e-604c-44ef-b27b-36da9d78c470" }) ``` Thanks for this improvement [@jasonwbarnett](https://github.com/jasonwbarnett)! ## Target Mode The Target Mode beta, which executes Chef Infra on remote systems without the client installed, has bug fixes and new functionality: - Several bugs in Ohai preventing remote Ohai execution were resolved. - Added an `:api` platform type to enable REST APIs instead of operating systems. - Added support for specifying `transport_protocol` on targets to the Chef credential file. For example: ```toml ['remote-target'] transport_protocol = "serial" device = "/dev/ttyUSB0" # ... and other Transport-specific settings ``` Thanks [@tecracer-theinen](https://github.com/tecracer-theinen) for continually improving the Target Mode experience! ## Resource Updates ### chocolatey_source The `chocolatey_source` resource now supports setting up authenticated sources. See the [chocolatey_source resource documentation](https://docs.chef.io/resources/chocolatey_source/) for more information on the new properties introduced to support user/password or certificate authentication. Thanks for this improvement [@gep13](https://github.com/gep13)! ### cron Failures running the `cron` resource with a commented-out cron entry have been resolved. Thanks for this fix [@wheatevo](https://github.com/wheatevo)! ### kernel_module The `kernel_module` resource now includes an `:enable` action, which allows you to install a kernel module that was previously disabled. Thanks for this improvement [@qubitrenegade](https://github.com/qubitrenegade)! ### macos_userdefaults The `macos_userdefaults` resource now uses use native macOS API calls instead of shelling out to command line tools. This complete rewrite makes setting complex data types in the resource more reliable. ### subversion Failures running the `subversion` resource have been resolved. Thanks for this fix [@tomhughes](https://github.com/tomhughes)! ## Bug Fixes * Fixed failing knife gem installs on Windows. * Fixed detection of 32bit Windows applications on 64bit Windows installations in `node['packages']`. Thanks for this fix [@knightorc](https://github.com/knightorc)! * Resolved Ruby deprecation warnings in Ohai on Windows and macOS hosts.