3.0.5

Release Updates

Important Information

• Please note that this release contains MySQL version upgrade.
• This release is for NEW installs only - If you are already in previous versions of Paladin Cloud please do not upgrade to the current version. We will be coming up with the migration plan in the upcoming release.

Installer Changes

• Lambda runtime updated
• MySQL version update as 5.7 version is deprecated by AWS
• Updated API Gateway Keys expiration

What's Changed

• chore:lambda version update by @rnithinpaladin
• chore:mysql upgrade by @rnithinpaladin
• chore:update api_gateway expiration date by @rnithinpaladin

Full Changelog: 3.0.4...3.0.5

3.0.4

Release Updates

Installer Changes

• Updated the web app docker image to use the official docker image from Nginx to resolve the installation issue.

What's Changed

• chore: removed vulnerability issue from webapp image by @rnithinpaladin in #1968
• chore:[Devops-221]Updated niginxDocker image by @rnithinpaladin

Full Changelog: 3.0.3...3.0.4

3.0.3

Release Updates

Installer Changes

• Updated the GPG Key for Nginx to solve the installation issue.

What's Changed

• Release v3.0.3 by @rnithinpaladin in #1789
• chore:[Devops-191] gpg key updated by @rnithinpaladin

Full Changelog: 3.0.2...3.0.3

3.0.2

Release Updates

Installer Changes

• Corrected the UI dependency which is causing the build failure.
• Increased MySQL version as the current version is deprecated by AWS.

What's Changed

• chore:[CORE-1563] fixed build failure because of @apollo/client by @sidharthjain-zemoso in #1759
• release update 3.0.2 by @rnithinpaladin in #1764

Full Changelog: 3.0.1...3.0.2

3.0.1

Release Updates

UI Changes

• Fixed bugs across the application
• Enhanced the filtering on UI list views

Policy Updates

• Added 3 Azure and 2 GCP cost policies
• Updated the Policy documentation
• Enhanced the Policy implementation for a few policies.
• Other minor policy fixes and updates
• Updated the resolution links for all the policies to point to appropriate descriptions

Other Updates

• Fixed bugs related to Azure and GCP autofix functionality

What's Changed

• Chores/pavel test workflow by @plyubich in #1474
• fix: [UIUX-281] change status filter option from configured to online by @sidharthjain-zemoso in #1466
• fix:[CUS-172] update subscriptionStatus correctly in azure subscripti… by @raviteja-mandala in #1475
• fix:[CORE-938][CORE-1079] Plugins Date format and updated PolicyDispl… by @kushZemoso in #1463
• feat: preapply status filter in violations screen by @sidharthjain-zemoso in #1467
• bug:[CORE-1148]plugin status filter issue by @shefalibisht1992 in #1473
• fix:[Core-959] Set date according to the payload. by @kushZemoso in #1476
• removed trynow from README.md by @PaladinCloudJohn in #1480
• fix:[CUS-180][CORE-1186][CORE-1097] update db enteries for policies. by @kushZemoso in #1481
• Fix/data dog issues by @raviteja-mandala in #1479
• fix:[CORE-1207] fix for data dog reported issue with policy - Enable_… by @raviteja-mandala in #1484
• fix:[CORE-1214]Fix policyUUID by @AishwaryaKulkarni97 in #1485
• fix:[CORE-1051]Rename policy by @AishwaryaKulkarni97 in #1478
• fix:[CORE-1069] CE sync by @AnandPaladin in #1482
• fix:[CORE-1209] fix for data dog reported issue for rule - AWS_IAM_Us… by @raviteja-mandala in #1490
• fix:[CORE-1230][CORE-1241][CORE-1242]Ops Alert by @AishwaryaKulkarni97 in #1492
• fix:[CORE-1231]Ops Alert by @AishwaryaKulkarni97 in #1493
• refact: violations column names map code by @sidharthjain-zemoso in #1477
• chore:[devops-95]acs_notification by @rnithinpaladin in #1483
• fix:[CORE-1227]Fix email values by @AishwaryaKulkarni97 in #1486
• fix:[CORE-841]AWS resolutions links by @AishwaryaKulkarni97 in #1488
• fix:[CORE-1135]GCP resolutions links by @AishwaryaKulkarni97 in #1489
• bug:[CORE-1240]region filter url corrected by @shefalibisht1992 in #1491
• fix:[CORE-1138]Azure Links by @AishwaryaKulkarni97 in #1495
• bug:[CORE-1220]removing fixed filter from issues api and omitting iss… by @shefalibisht1992 in #1497
• bug:[CORE-1249]violation api failure by @shefalibisht1992 in #1496
• fix: gcp asset loadbalancer and cloudstorage mapping fix. by @arunpaladin in #1499
• fix:[CORE-1206] fix for data dog reported issue for policy - IamPassw… by @raviteja-mandala in #1494
• bug:[CORE-1251]issues filter need to skip issues with unknown status. by @shefalibisht1992 in #1501
• Fix/violation asset filters by @sidharthjain-zemoso in #1498
• bug:[CORE-1257]region sort breaks by @shefalibisht1992 in #1502
• bug:[CUS-183]correcting asset api download endpoint by @shefalibisht1992 in #1503
• bug:[CORE-1265]severity fails when autofix is true by @shefalibisht1992 in #1506
• fix:[CORE-1138][CORE-1135][CORE-841]Missing resolution Links by @AishwaryaKulkarni97 in #1509
• fix:[CUS-179]Updated policy description by @AishwaryaKulkarni97 in #1510
• Porting/ce ee changes by @ranadheer-b in #1504
• bug:[CUS-192]download api failure by @shefalibisht1992 in #1511
• fix:Sorted TargetType List on DisplayName field by @kushZemoso in #1512
• fix:[Core-1015] Added cloud Type in Duplicate DisplayName. by @kushZemoso in #1508
• feat:[CUS-160][CUS-161] Gcp cost Policies. by @kushZemoso in #1505
• Fix/list download by @sidharthjain-zemoso in #1514
• feat:[PLG-150] RedHat Deployment asset by @arunpaladin in #1513
• fix:[CORE-1263] CE Sync by @AnandPaladin in #1515
• fix: sorted filter options irrespective of case by @sidharthjain-zemoso in #1516
• fix:[CORE-1274][CORE-1275][CORE-1277][CORE-1276]Ops alert by @AishwaryaKulkarni97 in #1518
• fix:[CORE-760]Issue audit log captures request and revoke request by @AishwaryaKulkarni97 in #1519
• Fix/asset details by @ranadheer-b in #1521
• fix:[CORE-1201] Fix for rate exceeded issue by @raviteja-mandala in #1520
• fix:[CORE-760]Issue audit log captures grant and deny request exemption by @AishwaryaKulkarni97 in #1523
• fix:[CUS-196]fix azure cost policies. by @kushZemoso in #1525
• fix:[CORE-1288] fix for remove unused vm disk rule by @raviteja-mandala in #1524
• fix:[CORE-1058] CE Sync by @AnandPaladin in #1526
• fix:[CUS-161] Delete Unused VM disk. by @kushZemoso in #1527
• fix:Added UUID in rulengine.json by @kushZemoso in #1528
• fix:VM ScaleSet collector. by @kushZemoso in #1531
• fix:[CUS-217] Gcp Disks Collector. by @kushZemoso in #1535
• Fix/fix for npe azure collector by @raviteja-mandala in #1530
• Fix/violations filters by @sidharthjain-zemoso in #1537
• fix:[CORE-1239]Search in violation filter by @AishwaryaKulkarni97 in #1538
• bug:[CORE-978]autofix filter by @shefalibisht1992 in #1539
• feat: [PLG-174],[PLG-175] Added Node and Cluster asset by @arunpaladin in #1533
• Feat: [PLG-63] [PLG-162] [PLG-152] Added Violation, Polices and Images assets in shipper by @arunpaladin in #1541
• fix:[CORE-349][CORE-1216] policy category and severity. by @kushZemoso in #1542
• fix:[CORE-1290]Violation should not be raised when permission not given by @AishwaryaKulkarni97 in #1543
• fix:[CORE-1315]Ignore data dog alerts for Trusted advisor by @AishwaryaKulkarni97 in #1545
• fix:[CORE-1298][CORE-1300] Policy Sort by fixing the displayName. by @kushZemoso in #1546
• fix:[CORE-760]Request and revoking exemption should be captured in au… by @AishwaryaKulkarni97 in #1544
• Fix/ce porting for assetdetails fix by @raviteja-mandala in #1551
• fix:[CORE-1304] handle NPE when fetching addOnProfiles() for kubernet… by @raviteja-mandala in #1552
• Feat/redhat new assets by @arunpaladin in #1553
• Fix/violation filters by @sidharthjain-zemoso in #1550
• Porting EE changes to CE by @ranadheer-b in #1554
• fix:[CORE-1379] handle noentityfound exception for iam policies by @raviteja-mandala in #1556
• Fix/redhat display name by @sidharthjain-zemoso in #1555
• fix:[CORE-1348] fix for data ops alerts for cequence by @raviteja-mandala in #1557
• Fix/handle nosuchentityexcpetion for iampolicies by @raviteja-mandala in #1558
• feat:[CUS-170] Added ec2 launch template. by @kushZemoso in #1540
• fix:[CORE-1385] changed Platfrom and CloudType to Source. by @kushZemoso in #1560
• fix:[CUS-170] added region in keys. by @kushZemoso in #1561
• fix:[CORE-1391] Fix for data dog alert issues reported for vertex by @raviteja-mandala in #1565
• fix:[CORE-1352]Remove ops alert for access denied by @AishwaryaKulkarni97 in #1562
• PLG-186-Shipper Changes by @AnandPaladin in https://github.com/Pala...

3.0.0

Please note this is a breaking change and existing users would need to re-install the Paladin Cloud

• As this is a breaking change, please uninstall the existing stack using sudo python3 manager.py destroy command.
• Also, please terminate the existing ec2 instance which was used for installation.
• Post uninstallation, please use the latest AMIs to set up a new ec2 instance to start installing Paladin Cloud 3.0.0
• Here are the updated installation instructions.

Release Updates

UI Changes

• Updated UI screens and filters
• Ability to disable the policies in Admin UI
• Improved Autofix workflow
• Ability to re-arrange the dashboard widgets in a session.
• Other bugs across the application

New Features

New self-service Admin UI screens

• Users
• Plugins
• Policy
• Asset Groups

New Notifications framework

• Updated Notification UI screen
• Added in-app notifications feature

Policy Changes

• New policies are added
• Recategorised and added new policies under Cost
• Updated the Policy descriptions
• Fixed bugs in some existing policies

Plugin Changes

• New Tenable plugin with new policies to report vulnerabilities.
• Ability to push Redhat ACS notifications. Please note that this integration is currently manual.

Elastic Search Upgrade

• We have upgraded Elasticsearch 5.5 to OpenSearch 2.5.

Installation Changes

• Python and Terraform upgrades.
• Installation instructions are updated please refer to the latest instructions here.

What's Changed

• fix: changed getPolicyById API endpoint by @ranadheer-b in #782
• bug:reduce character size of GCP policy for overly permissive ingress… by @shefalibisht1992 in #781
• chore:Cognito_fix by @rnithinpaladin in #787
• bug:Policy names wiki link update by @shefalibisht1992 in #780
• feat : Enable automatic restart for vm instances by @shefalibisht1992 in #772
• chore:Cognito_creation_after_ES_creation by @rnithinpaladin in #793
• Fix duplicate consecutive statuses in issue audit log by @plyubich in #785
• feat: adding new fields to user params in policies by @akashpaladin in #786
• fix: Tagging filters on asset and violation by @dheerajkholia-paladin in #799
• chore:default.local.py_update by @rnithinpaladin in #797
• fix: bug fixes by @sidharthjain-zemoso in #803
• Fix/bugs UI by @sidharthjain-zemoso in #807
• bug:extra space character removal from db_Policy.sql file by @shefalibisht1992 in #801
• bug :Master policy audit changes by @shefalibisht1992 in #815
• fix: Filters on asset and violation by @dheerajkholia-paladin in #829
• chore/creating_cognito_user_after_es_creation by @rnithinpaladin in #817
• Readme more readable by @PaladinCloudJohn in #809
• fix: fixed tagging across target type widget, breadcrumbs in tagging by @sidharthjain-zemoso in #826
• fix:Display name of policies for AWS,Azure and gcp cloud platforms by @kushZemoso in #818
• feat:Added User_Management Api's by @kushZemoso in #831
• Replaced deprecated tslint with eslint, introduced prettier, editorconfig & stylelint by @astra1 in #791
• fix: angular tests by @astra1 in #798
• feat: google analytics by @astra1 in #810
• User management screen development by @ranadheer-b in #830
• fixed server side sorting for violations list by @ranadheer-b in #812
• chore:ContributionUpdates by @PaladinCloudJohn in #865
• Readme Version Bump by @PaladinCloudJohn in #860
• fix:db_policy.sql to latest by @kushZemoso in #858
• Added new image for connecting to portal banner by @MonikaSharma1307 in #872
• Adding Images for Azure AD content by @MonikaSharma1307 in #873
• Adding images for cognito doc by @MonikaSharma1307 in #871
• feat:removing accounts from rule params by @AishwaryaKulkarni97 in #863
• Adding Image to cognito content by @MonikaSharma1307 in #874
• feat: update violation count from shipper by @AishwaryaKulkarni97 in #870
• feat: update asset count from shipper by @AishwaryaKulkarni97 in #875
• chore/Json-Check by @rnithinpaladin in #856
• chore/cognito_azure_ad_configuration by @rnithinpaladin in #833
• bug:policy audit changes by @shefalibisht1992 in #876
• fix: set subscription id by @AishwaryaKulkarni97 in #859
• feat: Account management API by @dheerajkholia-paladin in #878
• Updating CONTRIBUTING by @plyubich in #893
• Chore/sql base64 enscript fix by @rnithinpaladin in #896
• feat:added autofix screen by @ranadheer-b in #895
• fix: SQL changes for account management by @dheerajkholia-paladin in #866
• fix: adding userinfo after generating new access token by @ranadheer-b in #902
• fix: alter statements for OSS by @AishwaryaKulkarni97 in #906
• fix: changes for policy param by @akashpaladin in #914
• fix:cognito user info fix by @ranadheer-b in #909
• Feat/policy autofix changes by @arunpaladin in #929
• fix: invalid json fixed by @AishwaryaKulkarni97 in #932
• fix:Added config for credential file path by @dheerajkholia-paladin in #948
• fix: elapsedtime column add in altertable by @arunpaladin in #952
• fix:Remove assets which are not taggable by @kushZemoso in #890
• chore/json-check by @rnithinpaladin in #919
• chore/rm_default_flag by @rnithinpaladin in #923
• chore/sql_check by @rnithinpaladin in #951
• feat: added client side filters for policy-knowledgebase, admin/polic… by @sidharthjain-zemoso in #846
• chore/azure_gcp_rules_rm_default_deployment_flag by @rnithinpaladin in #950
• fix: Account management fixes by @dheerajkholia-paladin in #967
• Added: violationID in details UI by @arifa11111 in #966
• bug:sorting dates in fix-central by @arifa11111 in #883
• bug-fix:violation-search-bar-cursor by @arifa11111 in #882
• fix:Removed default value of filter in UserManagement by @kushZemoso in #965
• fix: fixed overall tagging count and individual tag count by @ranadheer-b in #935
• Added IAM policy SecurityAudit to paladincloud_ro role. by @arunpaladin in #964
• fix: Qualys KB url by @dheerajkholia-paladin in #960
• fix:include overall compliance percent in category compliance api by @raviteja-mandala in #954
• Fix: rename-column-to-violationID by @arifa11111 in #945
• feat: merging policy param changes to master branch by @shefalibisht1992 in #924
• fix: added API to get base account details by @dheerajkholia-paladin in #972
• Adding new images for Azure subscription by @MonikaSharma1307 in #975
• fix - aws external vpc changes by @akashpaladin in #928
• fix: insert policy name in elastic search by @AishwaryaKulkarni97 in #946
• updated the images by @MonikaSharma1307 in #981
• feat: add account management screen by @ranadheer-b in #987
• fix: fixed tooltip issue by @ranadheer-b in #977
• fix: GCP collector issue by @dheerajkholia-paladin in #991
• fix: Qualys collector issue by @dheerajkholia-paladin in #990
• fix- aws root user mfa...

2.0.2

Updates

• Fixed below issues:
  • UI unresponsive post access token expiry.
  • Data Shipper issue in collecting daily trends for asset groups, which fixed the problems with Asset, Category and Policy Compliance trends not reporting the latest trends
  • Made the Policy Parameters editable for configurable policies
  • Fixed bug with the VPC peering policy
  • Corrected the permissions issue while collecting the region data for S3
  • Modified the layout of the edit policy screen to improve the user experience
  • Fixed a bug while creating the sticky exceptions
• We have updated the Policy Category nomenclature. Users migrating from the previous releases need to follow these steps to update the historical Policy Category Nomenclature.
• We are now using the AWS SecurityAudit policy for installation. The same is needed to install Paladin or monitor a cloud account. We will update the wiki accordingly

Known Issues

• We have identified the below issue during our test cycle and the same will be fixed in the upcoming releases:
  • Observed that the operations trend line missing for GCP in certain cases.
  • Distribution Across Application widget intermittently missing data in Policy Compliance UI
  • Tagging Summary counts are not matching in certain cases in Tagging Compliance screen.

What's Changed

• chore/sql_base64_bug_fix by @rnithinpaladin in #897
• Fix/policy param by @arunpaladin in #905
• fix: rename columns from rule to policy by @AishwaryaKulkarni97 in #910
• fix: fixed alignment in tooltips of trend graphs, added default sort … by @sidharthjain-zemoso in #907
• fix:Correctly mapped count value to its respective key by @kushZemoso in #911
• Fix/policy param by @arunpaladin in #912
• fix: changes for policy param by @akashpaladin in #913
• Fix/policy param by @arunpaladin in #916
• feat: correcting esServiceURL from the last changes by @shefalibisht1992 in #915
• reverted mandatory tags param changes by @akashpaladin in #918
• Fix/policy param by @arunpaladin in #922
• chore: updated release number by @santhosh-challa in #921
• Fix/policy param by @arunpaladin in #925
• fix: fixed non responsiveness of UI by @ranadheer-b in #926
• fix - aws external vpc changes by @akashpaladin in #927
• feat: removed roleIdentifyingString from policy params by @akashpaladin in #930
• fix: fixed policy compliance screen and policy knowledgebase ui bugs by @sidharthjain-zemoso in #931
• fix: invalid json fixed by @AishwaryaKulkarni97 in #933
• bug: quotes missing from policy param description attribute by @shefalibisht1992 in #934
• fix: fixed overall tagging count and individual tag count by @ranadheer-b in #936
• refactored editpolicy screen by @ranadheer-b in #937
• fix: Display missing categories in trend compliance api by @raviteja-mandala in #938
• fix:include overall compliance percent in category compliance api by @raviteja-mandala in #953
• Refactor/policy screen by @ranadheer-b in #955
• fix: under utilize ec2,rdsdb, rediscluster policy fix by @arunpaladin in #949
• fix: fixed edit policy and getting updated list on successful Update by @ranadheer-b in #958
• Fix/include overall in cat compl api by @raviteja-mandala in #956
• fix: Corrected qualys KB API URL by @dheerajkholia-paladin in #959
• fixed multiple hits to update API by @ranadheer-b in #961
• Fix: Removed duplicate params for category and severity by @ranadheer-b in #962
• Fix/underutilization policy by @arunpaladin in #963

Full Changelog: 2.0.1...2.0.2

2.0.1

Updates

• Fixed minor issues across policy metadata, UI and installer.
• This release changed the variable in default.local.py, so existing users must merge their local.py with the latest changes from default.local.py before redeploying.

What's Changed

• bug:policy audit changes by @shefalibisht1992 in #869
• chore/spell_fix by @rnithinpaladin in #867
• Fix v2/bugs UI by @sidharthjain-zemoso in #855
• chore: updated release version by @santhosh-challa in #877
• bug:delete duplicate policies by @shefalibisht1992 in #881
• fix: fixed secondary sort by @sidharthjain-zemoso in #880

Full Changelog: 2.0.0...2.0.1

2.0.0

Introducing Cognito

• We have moved out from default DB-based authentication and authorization to AWS Cognito.
• Now both Authentication and Authorization in the App are done through Cognito.
• We are working on user management using Cognito and the same would be released in the next release. Till then, users need to manage the users directly using Cognito service.
• We will update the wiki on how user management and Azure AD setup can be done using Cognito.
• As we are adding Cognito for the first time, existing users need to re-create their Paladin Cloud users in Cognito.
• Installation readme will be updated accordingly.

Policy Updates

• We have changed the nomenclature in the Paladin Cloud on how we manage the rules/policies. Earlier there were Rules and Policies in the system, now we have completely moved out from rules. Now We just have Policies. Documentation pages will be updated accordingly.
• Added 8 new policies across AWS and GCP
• Also updated Policy metadata of the major policies by reviewing their documentation, category, and severity.
• We are improving the wiki for the existing policies. This is an ongoing effort.

UI Updates

• New Policy Admin screen replaced the old Rules and Policy screen.
• Fixed bugs across the application

Installer Updates

• Added the required configurations to default.local.py for Cognito.
• Updated elastic search default shard size from 3 to 1 to improve the read performance. There will be no change for current users.
• Reduced the permissions needed for installing the Paladin Cloud further. Documentation will be updated in the coming days accordingly.
• Introduced a new configuration parameter in local.py for mandatory tags. Now users can define the mandatory tags before redeploying or installing.
  The same will be used across the UI to filter the assets and run the tagging policies.
• As the new configurations are added to default.local.py in this release, current users need to merge the new default.local.py with their existing local.py before redeploying.

What's Changed

• fix : wiki link and description by @AishwaryaKulkarni97 in #739
• chore:batch size by @rnithinpaladin in #740
• fix: aws securityhub comma issue in failed message by @akashpaladin in #738
• fix : duplicate policies removed, severity changed, name changed by @AishwaryaKulkarni97 in #742
• fix: sql fixes for cf_Target, cf_AssetGroupTargetDetails, cf_RuleInst… by @akashpaladin in #749
• Rules to policies conversion by @arunpaladin in #750
• fix: Updated no of shards in ES to 1 by @santhosh-challa in #752
• fix : wiki link corrected for function apps by @AishwaryaKulkarni97 in #736
• fix : resolving bad request error by @AishwaryaKulkarni97 in #747
• fix: modified graph to use linear scale with custom values on y-axis by @sidharthjain-zemoso in #746
• fix: Incorrect gcp application count by @dheerajkholia-paladin in #744
• fix: Missing asset details by @dheerajkholia-paladin in #760
• fix : set tags, resourceGroup name and subscription for gcp by @AishwaryaKulkarni97 in #756
• Feature- Authentication through AWS Cognito by @dheerajkholia-paladin in #759
• fix: aws policy category and display name changes by @akashpaladin in #761
• fix: aws policy url bug fixes by @akashpaladin in #748
• fix : set tags, resourceGroup name and subscription for azure by @AishwaryaKulkarni97 in #753
• fix: fixed policy details api issue and added isAutofixEnabled by @ranadheer-b in #758
• feat:Gcp loadbalancer https target proxy configured with default ssl policy instead of custom ssl policy by @shefalibisht1992 in #768
• fix:Multiple users for same email by @dheerajkholia-paladin in #763
• Fix/managed policy by @arunpaladin in #767
• fix: Mandatory tags from installer by @dheerajkholia-paladin in #765
• fix:removed space by @dheerajkholia-paladin in #770
• chore: componentized asset dashboard, fixed server side sorting by @sidharthjain-zemoso in #771
• feat : Gcp load balance quic protocol by @shefalibisht1992 in #745
• feat: Gcp cloud function policies by @shefalibisht1992 in #757
• fix: changed update query position from DB.sql to DB_policy.sql by @akashpaladin in #773
• fix: rework after removal of cf_policy by @AishwaryaKulkarni97 in #764
• Feat/aws ami and ec2 rule by @akashpaladin in #755
• fix:corrected description and wiki link for gcp policy by @AishwaryaKulkarni97 in #775
• feat: aws policy for checking key rotation enabled by @akashpaladin in #762
• fix:corrected wiki links by @AishwaryaKulkarni97 in #774
• chore:cognito_implemenation by @rnithinpaladin in #766
• fix: fixed few ui bugs by @sidharthjain-zemoso in #776
• chore:sql_fix by @rnithinpaladin in #778
• chore:lambda_file_upload_fix by @rnithinpaladin in #779
• fix: updated azure ad email id claim by @santhosh-challa in #769
• feat: updating and removing unwanted permissions from existing list by @akashpaladin in #777
• fix: aws rules related to s3 object level logging by @akashpaladin in #751
• fix: changed getPolicyId API endpoint by @ranadheer-b in #783
• chore:Cognito_bug_fix by @rnithinpaladin in #788
• bug:Reduce policy name size for overly permissive ingresss setting v2 by @shefalibisht1992 in #789
• chore:Cognito_creation_after_ES_creation by @rnithinpaladin in #792
• Fix-filter tags on asset and violation by @dheerajkholia-paladin in #800
• Chore/default local.py update by @rnithinpaladin in #796
• bug:V2-extra space character removal from db_Policy.sql file by @shefalibisht1992 in #802
• fix: bug fixes by @sidharthjain-zemoso in #804
• fix: fix sorting issue for column containing numbers by @sidharthjain-zemoso in #805
• fixed sorting arrow in violations by @sidharthjain-zemoso in #806
• fix: fixed filters for tags in violations and asset list by @sidharthjain-zemoso in #808
• bug:V2 policy audit updated by @shefalibisht1992 in #811
• Violations sorting by @ranadheer-b in #813
• fix:Policy dispaly name for AWS,Azure and Gcp by @kushZemoso in #814
• chore/creating_cognito_user_after_es_creation by @rnithinpaladin in #816
• fix: truncating the policy table to reflect the new changes by @santhosh-challa in #820
• Fix/recently viewed api by @ranadheer-b in #822
• fix: fixed tagging across target type widget, breadcrumbs in tagging by @sidharthjain-zemoso in #824
• fix: Filters on violation by @dheerajkholia-paladin in #828
• fix: fixed Account id sorting in asset list by @sidharthjain-zemoso in #827
• bug:V2-policy audit changes(sev and category) by @shefalibisht1992 in #834
• feat: adding new fields to user params in policies by @akashpaladin in #835
• bug : Wiki links updates of gcp and aws by @shefalibisht1992 in #841
• chore/cognito_azure_ad_configuration by @rnithinpaladin in #832
• feat: added client side filters for policy-knowledgebase, admin/polic… by @sidharthjain-zemoso in #840
• Fix/db policy entries by @kushZemoso in #842
• bug:build db error resolution by @shefalibisht1992 in #843
• bug : V2 policy desc changes by @shefalibisht1992 in #847
• fix:Removed Duplicate Entries in DB_Policy.sql by @kushZemoso in #849
• chore/client_id_n_client_secert_update by @rnithinpaladin in #850
• fix: removed compliance% and violation filters from dashboard list view by @sidharthjain-zemos...

1.5.2

Policy Updates

• Added 11 new policies across Azure and GCP
• Fixed the bugs with the existing policy metadata/documentation.
• We are improving the wiki for the existing rules. This is an ongoing effort.

UI Updates

• Fixed bugs across the application

Installer Changes:

• Users do not need to expose port 80 post installation now. We have fixed the issue and now the installer will expose port 80 to CIDR only.
• Added the tags to all the missing installer resources.
• Added the ability to configure the batch compute instance and the batch job VCPU and RAM.
• Please note that we have added missing tags to AWS Batch resources. You need to destroy the Batch resources before upgrading the Paladin Cloud. Please follow the commands mentioned in the doc to destroy the Batch resources before upgrading to the current release

Known Issues

• We are testing the 4 GCP policies, these may not be fully functional in this release.

What's Changed

• fix: fixed violation tiles to display correct data when one of the tiles has 0 values. by @sidharthjain-zemoso in #659
• fix: Modified Display Name of target type by @arunpaladin in #665
• fix/checkFtpStateRule by @kushZemoso in #660
• chore/https sg chages by @rnithinpaladin in #670
• fix: addressed azure and gcp bug fixes by @AnjaliMadhavi-Nakirikanti in #673
• fix: Added correct legacy Authorization enabled flag by @kushZemoso in #669
• fix:dynamic distribution of assets by @ranadheer-b in #674
• feat:Added Collector for Kubernetes Services in Azure by @kushZemoso in #661
• fix :addressed syntax error in db file by @AnjaliMadhavi-Nakirikanti in #679
• fix: fixed azure policies syntax in db file by @AnjaliMadhavi-Nakirikanti in #684
• fix:display qualys cve number and link in UI by @raviteja-mandala in #688
• fix: fixed navigation in asset distribution and modified violation de… by @sidharthjain-zemoso in #690
• fix: emails was not getting populated by @AishwaryaKulkarni97 in #683
• feat: cluster monitoring and authorised IP ranges by @AishwaryaKulkarni97 in #664
• Feat/kms roles by @AishwaryaKulkarni97 in #682
• chore: updated version number by @santhosh-challa in #692
• fix: qualys data by @sidharthjain-zemoso in #694
• feat: Avoid Assigning Service Roles to IAM Users at project level. by @kushZemoso in #697
• fix:Policy AWS security hub and CloudWatch log metric filter and alarm rule by @akashpaladin in #696
• fix: azure and gcp bug fixes by @AnjaliMadhavi-Nakirikanti in #702
• Adding Images to Troubleshoot section by @MonikaSharma1307 in #703
• fix: fixed breadcrumb model, clear text in table search bar and filte… by @sidharthjain-zemoso in #698
• Adding image to troubleshoot by @MonikaSharma1307 in #704
• feat: Added server side sorting by @ranadheer-b in #708
• feat: added filter chips to table, added api for issue status filter … by @sidharthjain-zemoso in #706
• feat: Enforce Separate Service Account Duties for Users by @AnjaliMadhavi-Nakirikanti in #663
• Chore/asset list page size by @sidharthjain-zemoso in #712
• fix:Removed null values from security and category field and Added respectiv… by @kushZemoso in #711
• feat: Policy for Ensuring EKS Cluster inbound traffic only on 443 by @akashpaladin in #707
• Feat/disable kubernetes dash board by @AnjaliMadhavi-Nakirikanti in #668
• fix: fixed policy description and resolution url for Disable Contained Database Authentication Flag for SQL Server Database Instances by @AnjaliMadhavi-Nakirikanti in #715
• fix : incorrect violation was being raised by @AishwaryaKulkarni97 in #717
• fix: Display Name of Policies by @kushZemoso in #718
• fix : severity should be critical by @AishwaryaKulkarni97 in #720
• fix : added wiki links by @AishwaryaKulkarni97 in #721
• fix: fixed breadcrumbs to persist queryparams by @sidharthjain-zemoso in #714
• Added RESOURCE_NAME_PREFIX by @PaladinCloudJohn in #719
• Feat/load balancer by @AishwaryaKulkarni97 in #713
• feat:Enable API Key Application Restrictions by @AnjaliMadhavi-Nakirikanti in #705
• Feature/api restriction by @kushZemoso in #710
• Feature/check insecure ssl cipher by @kushZemoso in #716
• fix: restricted the elb sg ingress to cidr by @santhosh-challa in #724
• Chore/s3voilation by @rnithinpaladin in #723
• fix: dispalyName of policies by @kushZemoso in #722
• fix:Enable Https rule by @kushZemoso in #725
• chore:added tagging for batch by @rnithinpaladin in #727
• chore:ecs_service_tagging by @rnithinpaladin in #729
• fix: fixed failure of issues end point in compliance API when sort … by @sidharthjain-zemoso in #730
• Chore/https fix by @rnithinpaladin in #731
• Chore/ecs tagging by @rnithinpaladin in #732
• fix : null pointer exception for immutability policy and legal hold by @AishwaryaKulkarni97 in #728
• fix: fixed add-revoke API failure by @sidharthjain-zemoso in #733
• Chore/batchconfig by @rnithinpaladin in #735
• fix : renaming policies by @AishwaryaKulkarni97 in #726
• chore:batch_size_number by @rnithinpaladin in #741

New Contributors

• @PaladinCloudJohn made their first contribution in #719

Full Changelog: 1.5.1...1.5.2