When you deploy a StorageGRID node as a virtual machine or use VMware vSphere to automate grid node deployment, you are now prompted to set a temporary installation password. This password is used only if you need to access the VM console or use SSH before the new node joins the grid.

The documentation for StorageGRID appliances was moved to a new appliances documentation site.

Support for FIPS 140-2 validated cryptography.

StorageGRID 11.8 and StorageGRID Appliance Installer firmware version 3.8.0 support:

You can change the grid-wide default consistency using the Grid Manager or the grid-config endpoint of the Grid Management private API. The new default will be applied to buckets created after the change.

Allows per-bucket ILM policies controlled with bucket tags. Multiple active and inactive ILM policies can exist at the same time. See ILM policies:Overview.

Support for Kafka endpoints for bucket event notifications.

Create load balancer endpoints to manage the management interface workload on Admin Nodes. See considerations for load balancing. As part of this change, you can now use Grid Manager and Tenant Manager ports 443, 8443, and 9443 when creating HTTPS load balancer endpoints for S3 or Swift client access.

Added Manage drives tab for the SGF6112 appliance.

You can now specify that a new software-based Storage Node will be used to store only metadata instead of both objects and metadata.

When configuring single sign-on (SSO) for Active Directory Federation Service (AD FS) or PingFederate, you can now map the user principal name to Name ID in the claims rule or to sAMAccountName=${username} in the adapter instance.

Existing accounts can be cloned to a remote grid. See What is account clone.

You can now use the Decommission Nodes procedure to remove any unused Archive Nodes that are disconnected from the grid. See Decommission disconnected grid nodes.

Archive Nodes were deprecated in StorageGRID 11.7.

Added a toggle for volume restoration to occur automatically. See Restore object data using Grid Manager.

Improvements to erasure coding configurations.

The Management API stack trace security setting lets you control whether a stack trace is returned in Grid Manager and Tenant Manager API error responses. See Change interface security settings.

You can now use the rolling reboot procedure to reboot multiple grid nodes without causing a service disruption.

The Grid Manager list of ports open to the untrusted Client Network is now located in a column named, "Open to untrusted Client network" at CONFIGURATION > Network > Load balancer endpoints > Management interface (previously located on the Firewall control page). See Configure load balancer endpoints.

Additional functionality described in Use S3 Console.

The tenant management permission, View all buckets, has been added.