Skip to content

Update to version v2.1.0 #192

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Mar 28, 2024
Merged

Update to version v2.1.0 #192

merged 1 commit into from
Mar 28, 2024

Conversation

@AaronSchuetter
Copy link
Contributor

@AaronSchuetter AaronSchuetter commented Mar 28, 2024

Description of changes:

[2.1.0] - 2024-03-28

Added

  • CloudWatch Dashboard for monitoring solution metrics
  • Remediations will be scheduled in the future to prevent throttling if many remediations are triggered in a short period of time
  • New support for NIST 800-53 standard
  • New remediations for CloudFront.1, CloudFront.12, Codebuild.5, EC2.4, EC2.8, EC2.18, EC2.19, EC2.23, ECR.1, GuardDuty.1 IAM.3, S3.9, S3.11, S3.13, SecretsManager.1, SecretsManager.3, SecretsManager.4, SSM.4
  • Support for customizable input parameters to remediations

Changed

  • Updated AFBSP to FBSP in docs
  • Add HttpEndpoint parameter as enabled for EC2.8 remediation
  • Updated imports for moto 5.0.0

Fixed

  • Disabled AppRegistry functionality in China regions. AppRegistry is not available in those regions.
  • Added missing EventBridge rules for CloudFormation.1, EC2.15, SNS.1, SNS.2, and SQS.1
  • Fixed SC_SNS.2 Not executing due to wrong automation document
  • Fixed RDS.4 remediation failing to remediate due to incorrect regex
  • RDS.4 regex now includes snapshots created by Backup
  • Enable CloudTrail encryption remediation is now a regional remediation
  • Fixed SC_SQS.2 incorrect parameter
  • Fixed SC_EC2.6 message on finding note
  • Added AddTagsToResource to EncryptRDSSnapshot remediation role
  • SNS.2 now works in regions other than where the roles are deployed
  • Updated SNS.1 parameter to TopicArn instead of SNSTopicArn
  • SC_RDS.1 regex now includes snapshots
  • Fixed certain remediations failing in opt-in regions due to STS token endpoint
  • Rules for CIS 1.4.0 no longer match on CIS 1.2.0 generator ID
  • Fixed S3.6 creating malformed policy when all principals are "*"

Security

  • Upgraded urllib3

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

@AaronSchuetter AaronSchuetter requested a review from jangidms March 28, 2024 19:22
mobri2a
mobri2a approved these changes Mar 28, 2024
View reviewed changes
Copy link
Contributor

@mobri2a mobri2a left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

approved

@jangidms jangidms merged commit 362b0ac into main Mar 28, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mobri2a mobri2a mobri2a approved these changes

@jangidms jangidms jangidms approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@AaronSchuetter @mobri2a @jangidms