Releases: DefendableDesign/DD-AWS

Better Benchmark Coverage v0.2.2

18 Mar 07:15

This release includes all Level 1 and Level 2 CloudTrail alarms, recommended by the CIS AWS Foundations Benchmark.

Bug fix - v0.2.1

12 Mar 10:30

This release fixes a bug with the bucket policy remediation function.

S3 Remediation, Slack Integration v0.2.0

10 Mar 16:25
8cba553

This release includes major changes:

  • Auto-remediation for S3 public buckets
  • Slack integration
  • The directory structure has been updated for clarity
  • CloudTrail is now enabled automatically
  • CloudTrail Monitoring alerts

Support for remote state storage v0.1.2

10 Dec 07:39
e47c8c7

This release enables remote Terraform state storage using the S3 backend.

Naming convention updates v0.1.1

02 Dec 07:52

Under-the-hood naming convention updates and additional comments.

Defendable design for AWS initial release v0.1.0

25 Nov 03:51

Defendable design for AWS

Initial release v0.1.0

The initial release of the Defendable Design pattern for AWS enables AWS Config and configures five AWS Config Rules.

  • Check-CloudTrail-Enabled
    • AWS rule: Validates that CloudTrail is enabled.
  • Check-IAM-PasswordPolicy
    • AWS rule: Validates that an IAM Password Policy is configured.
  • Check-EC2-OpenPorts
    • Custom rule: Checks for dangerous security group rules which open prohibited ports to the internet.
    • Supports automatic remediation of dangerous changes
  • Check-S3-PublicRead
    • AWS rule: Checks for S3 buckets with public read permissions
  • Check-S3-PublicWrite
    • AWS rule: Checks for S3 buckets with public write permissions