Releases: sysdiglabs/terraform-aws-secure-for-cloud
v0.10.0
Full Changelog: v0.9.10...v0.10.0
⚠️ Breaking Changes
- Upgrade terraform 1.3 requirement and remove experimental optional usage by @wideawakening in #132
If a Terraform version <1.3 is required, pin the module to the latest Secure for Cloud Module release that supports it:
module "secure-for-cloud" {
  source  = "sysdiglabs/secure-for-cloud/aws"
  version = "0.9.10"
}
WIP Feature
- Replacement of the legacy scanning engine with the new one, by @miketnt in #131
This feature is a small step toward the adoption of the new Vulnerability Management engine scanner. ⚠️ No support given yet.
Documentation
- troubleshooting; homogenize and add more data for "i don't see"
- clarify ECR in org-management account
Continuous Integration
- Added codeowners
- Enhance PR template with tips to test branch code
New Contributors
v0.9.10
Full Changelog: v0.9.9...v0.9.10
Features
- add deploy_aws_iam_user optional for example/single-k8s by @jprieto92 @wideawakening in #124
In order to avoid IAM user credentials for k8s, use the following terraform input parameter:
module "secure_for_cloud_aws_single_account_k8s" {
  source              = "sysdiglabs/secure-for-cloud/aws//examples/single-account-k8s"
  deploy_aws_iam_user = false
  ...
}
Documentation
- clarify scanning start logs on force events
New Contributors
- @jprieto92 made their first contribution in #124
v0.9.9
v0.9.8
Full Changelog: v0.9.7...v0.9.8
Bug Fixes
- fix: cloudtrail creation conditional in #129
After the existing_cloudtrail_config refactor, the deploy_cloudtrail flag was not correctly set up.
Documentation
- Contribute. Howto unlock tf state for tests
- Org. Use case variables clarify org existing_cloudtrail_config
v0.9.7
Full Changelog: v0.9.6...v0.9.7
Features
- feat: organizational, add support for single-account deployment by @wideawakening in #128
small steps to go for organizational single-account setup as required by many customers; ⚠️ scanning still not supported
- added use-case explanation
- added deploy_benchmark_organizational to deploy cloud-bench module on single account OR stackset (organizational)
- added test (wip, evaluating if required time makes sense)
Documentation
- Added DecisionRecord
- Some more General Troubleshooting insights
v0.9.6
Full Changelog: v0.9.5...v0.9.6
Use-Cases
- use-case for no terraform org three-way k8s threat compliance by @wideawakening in #122
Small Changes
- Create CODEOWNERS file by @tembleking
- Added Makefile 🥳 and update READMEs with provider versions by @tembleking in #127
- Remove unneeded configuration_aliases in sysdig provider by @tembleking in #126
Documentation
- Remove unneeded configuration_aliases in sysdig provider by @hayk99 and @tembleking (#126)
- clarify ecs requirements on cluster/vpc/subnet by @wideawakening in #123
- s/existing_cloudtrail_s3_config/existing_cloudtrail_config/g
- clarify aws ingestion types
- clarify force events
- sync cloudtrail available options
- fix Terraform Registry links
v0.9.5
Full Changelog: v0.9.4...v0.9.5
Small Modifications
- chore: remove deprecated sqs:*batch actions by @wideawakening in #121
Documentation
- troubleshooting for organizational management account ECR scanning
- troubleshoot not getting datasources alias
- troubleshoot for group already exists
- forcing events, clarify what's technically expected when image is scanned
- k8s example, clarify any kind of K8S cluster can be used for
- upgrading, clarify procedure
@hayk99 🙇🏽