Releases: VerticeOne/fork-terraform-aws-secure-baseline
Releases · VerticeOne/fork-terraform-aws-secure-baseline
v2.2.0
What's Changed
- Feat add access analyzer policy for cloudtrail kms by @kristian-lesko in #1
- Support Config retention & frequency configuration by @kristian-lesko in #3
- Support AWS Config logs S3 retention limit by @kristian-lesko in #4
- Support per-region Config frequency by @kristian-lesko in #5
- Apply per-region Config frequency properly by @kristian-lesko in #7
- Apply per-region Config frequency properly by @kristian-lesko in #8
- Support Config frequency via native Terraform by @kristian-lesko in #9
- Support limiting Config recorder resource types by @kristian-lesko in #6
- FIX CE-454: Disable global resource types if limited by @kristian-lesko in #10
- FEATURE CE-408: Adding delegated admin support for Security Hub, GuardDuty and AccessAnalyzer by @marko-fabry in #12
- FEATURE CE-408: Adding delegated admin support for Security Hub, GuardDuty and AccessAnalyzer by @marko-fabry in #13
- FEATURE CE-454: Set Config retention via native TF by @kristian-lesko in #11
- FEATURE CE-454: Rework Continuous/Daily recording logic by @kristian-lesko in #14
- FEATURE CE-408: Ignoring changes not supported yet regarding organiza… by @marko-fabry in #15
- FEATURE CE-408: Analyzer should be created in delegated administrator… by @marko-fabry in #16
- FEATURE DEBT-179: synced file(s) with VerticeOne/vertice-file-templates by @vertice-ci in #17
- TRIVIAL DEBT-150: synced file(s) with VerticeOne/vertice-file-templates by @vertice-ci in #22
- FEATURE CE-644: make insight selector optional by @PerekhrestB in #23
- FEATURE CE-664: make cloudtrail insight_selector optional (add to main tf) by @PerekhrestB in #24
- FEATURE CE-707: Adding allowed Principals to AccessAnalyzer suppresio… by @marko-fabry in #25
- FEATURE CE-707: Index sechub members by account_id instead for more s… by @marko-fabry in #26
- FEATURE CE-707: Deduplication of AccessAnalyzer findings for global r… by @marko-fabry in #27
- FEATURE CE-873: Integrate Inspector into secure baseline module by @marko-fabry in #28
- FEATURE ASH-47: Add central Security Hub policy configuration by @kristian-lesko in #29
- FIX ASH-47: Support all SecHub config policy attributes by @kristian-lesko in #30
- FEATURE ASH-46: Add GuardDuty org-wide configuration support by @kristian-lesko in #31
- FIX ASH-219: Remove unnecesasry workflows by @kristian-lesko in #32
- FIX ASH-46: Only create GuardDuty org config in delegated admin by @kristian-lesko in #33
- FEATURE ASH-293: Disable recording of global resources in aws config by @nuginy in #34
- FEATURE ASH-305: Fixing cloudtrail kms key policy by @marko-fabry in #35
New Contributors
- @kristian-lesko made their first contribution in #1
- @marko-fabry made their first contribution in #12
- @vertice-ci made their first contribution in #17
- @PerekhrestB made their first contribution in #23
- @nuginy made their first contribution in #34
Full Changelog: https://github.com/VerticeOne/fork-terraform-aws-secure-baseline/commits/v2.2.0
What's Changed
- Feat add access analyzer policy for cloudtrail kms by @kristian-lesko in #1
- Support Config retention & frequency configuration by @kristian-lesko in #3
- Support AWS Config logs S3 retention limit by @kristian-lesko in #4
- Support per-region Config frequency by @kristian-lesko in #5
- Apply per-region Config frequency properly by @kristian-lesko in #7
- Apply per-region Config frequency properly by @kristian-lesko in #8
- Support Config frequency via native Terraform by @kristian-lesko in #9
- Support limiting Config recorder resource types by @kristian-lesko in #6
- FIX CE-454: Disable global resource types if limited by @kristian-lesko in #10
- FEATURE CE-408: Adding delegated admin support for Security Hub, GuardDuty and AccessAnalyzer by @marko-fabry in #12
- FEATURE CE-408: Adding delegated admin support for Security Hub, GuardDuty and AccessAnalyzer by @marko-fabry in #13
- FEATURE CE-454: Set Config retention via native TF by @kristian-lesko in #11
- FEATURE CE-454: Rework Continuous/Daily recording logic by @kristian-lesko in #14
- FEATURE CE-408: Ignoring changes not supported yet regarding organiza… by @marko-fabry in #15
- FEATURE CE-408: Analyzer should be created in delegated administrator… by @marko-fabry in #16
- FEATURE DEBT-179: synced file(s) with VerticeOne/vertice-file-templates by @vertice-ci in #17
- TRIVIAL DEBT-150: synced file(s) with VerticeOne/vertice-file-templates by @vertice-ci in #22
- FEATURE CE-644: make insight selector optional by @PerekhrestB in #23
- FEATURE CE-664: make cloudtrail insight_selector optional (add to main tf) by @PerekhrestB in #24
- FEATURE CE-707: Adding allowed Principals to AccessAnalyzer suppresio… by @marko-fabry in #25
- FEATURE CE-707: Index sechub members by account_id instead for more s… by @marko-fabry in #26
- FEATURE CE-707: Deduplication of AccessAnalyzer findings for global r… by @marko-fabry in #27
- FEATURE CE-873: Integrate Inspector into secure baseline module by @marko-fabry in #28
- FEATURE ASH-47: Add central Security Hub policy configuration by @kristian-lesko in #29
- FIX ASH-47: Support all SecHub config policy attributes by @kristian-lesko in #30
- FEATURE ASH-46: Add GuardDuty org-wide configuration support by @kristian-lesko in #31
- FIX ASH-219: Remove unnecesasry workflows by @kristian-lesko in #32
- FIX ASH-46: Only create GuardDuty org config in delegated admin by @kristian-lesko in #33
- FEATURE ASH-293: Disable recording of global resources in aws config by @nuginy in #34
- FEATUR...
Contributors
kristian-lesko, PerekhrestB, and 3 other contributors