Releases: Cloudneeti/aws-auto-remediation
Releases · Cloudneeti/aws-auto-remediation
Support latest Serverless updates
- Refinements of stage variable as per latest serverless updates
- Refinements in deployment script wrt variable names and conditional statements
Support for asset exclusion from the remediation functionality
- Added capability to exclude resources/assets from getting remediated through the AWS auto-remediation framework
- Updated the framework bucket lifecycle configuration, to ensure that the logs and old versions of objects stored are periodically deleted.
ZCSPM Branding updates and refinements along with IAM policy opt-in/opt-out support
- Upgraded the remediation framework variables, messages, commands, etc. from Cloudneeti to ZCSPM as part of branding changes
- Added support to opt-in or opt-out IAM policies (global services) from remediation support depending on compliance requirements. Framework components for global services will now only be deployed in the "US East (N. Virginia) us-east-1" region
- Added provisioning scripts to support easy configuration and deployment of multiple accounts present in an AWS organization
- Code optimization including prerequisites checks, exception handling, and removal of unused variables from the deployment templates
Security and Compliance Refinements Of Framework Resources
- Refinements in the remediation framework deployment to achieve better security and compliance
- Ensured the access policies and object lock is configured for the bucket deployed as a part of the remediation framework
- Ensured that termination protection is enabled for the Cloudformation stacks created as a part of the remediation framework
- Deprecated remediation support for AWS Config policy
Ensure Global resources are included into Amazon Config service configuration
CloudWatch Event Rule Based Remediation Framework
- Refined auto-remediation framework using Cloudwatch Event Rules in order to gain better support for resources and their configurations.
- Refined remediation framework triggers auto-remediation in near real-time (1-2 min). Earlier Cloudwatch Log Group based remediation framework was taking 10-15 min.
- Refined deployment scripts to deploy remediation framework in a region as per user/customer choice.
- Refined remediation framework to include limited regions for remediation as per user/customer need.
- Refined the naming convention of resources used in the framework for better understanding.
- Added support for 33 policies for RDS(Instance+Cluster+Snapshots), Auto Scaling Group, Config, Dynamodb, Kinesis, EC2, S3, SQS, Cloudformation, Cloudtrail, Neptune and Redshift services.
- Added Copyright in code
AWS Auto Remediation Framework
Merge pull request #5 from Cloudneeti/ankit/deployment-across-regions Parameterised location for AWS Remediation deployment