Policy/Rule Updates
- Added 21 new policies across the three clouds AWS, Azure, and GCP
- Fixed the bugs with the existing policy metadata/documentation.
- We are improving the wiki for the existing rules. This is an ongoing effort.
UI Updates
- Added new Asset Distribution Screen.
- Modified the dashboard violation tails to include more metadata.
- Fixed other bugs across the application
Other Changes:
- We have removed the Azure Policy Definitions and Policy Evaluations from assets. So existing users will be seeing Azure assets going down post-upgrade. We will be working on a feature to represent these in a better way in the coming releases.
Known Issues
- We are testing 2 AWS and 1 Azure policy which we have added in this release. They may not be fully functional yet. We will update then in the upcoming release if necessary.
What's Changed
- feat : Enable Cloud Asset Inventory by @AnjaliMadhavi-Nakirikanti in #495
- Deny admin Privileges to service accounts by @AishwaryaKulkarni97 in #493
- feat: added current version in Ui by @ranadheer-b in #498
- fix: fixed data fetch issue and other minor bugs by @sidharthjain-zemoso in #501
- feat: enable active directory on app services by @AishwaryaKulkarni97 in #497
- feat: Deny usage of service accounts with full cloud API access by @AishwaryaKulkarni97 in #504
- feat: added new aws rule to check root user account access key by @amishavijayakumar08 in #496
- fix:Collector and rule. by @kushZemoso in #507
- fix: Correcting count of accounts in statistics API by @dheerajkholia-paladin in #511
- feat:Deny usage of default service accounts for instances by @AnjaliMadhavi-Nakirikanti in #506
- feat:Policy to check enable mfa delete on s3 bucket by @amishavijayakumar08 in #508
- feat:Added a new policy for DiskEncryption. by @kushZemoso in #505
- Fix: Disabling qualys collector and rules when its disabled from installer by @dheerajkholia-paladin in #510
- feat: added exempted assets count Api by @ranadheer-b in #514
- fix: fixed dropdown bug in create asset group page by @ranadheer-b in #517
- feat: added api for distribution by severity by @sidharthjain-zemoso in #516
- fix:kms_key rule by @kushZemoso in #522
- fix: list state by @sidharthjain-zemoso in #519
- feat: generalised rule for cloud sql db flags by @AishwaryaKulkarni97 in #523
- feat:Policy to check log file validation enabled on CloudTrail by @akashpaladin in #526
- feat:This rule checks if skip_show_database flag for MYSQL db is enab… by @kushZemoso in #527
- feat: AWS DataCollector for CloudWatch log and CloudWatch alarm by @arunpaladin in #528
- updated default values for es by @rnithinpaladin in #525
- feat: enable log connection for postgres rule by @AishwaryaKulkarni97 in #530
- feat:Policy to check CloudTrail logs are encrypted using KMS by @akashpaladin in #535
- feat: Ensure log_hostname db flag is enabled for postgres clould sql by @raviteja-mandala in #534
- feat:enable log disconnection for postgres rule by @kushZemoso in #536
- Feat/key expiration date by @AishwaryaKulkarni97 in #538
- chore/external_alb_need_https by @rnithinpaladin in #539
- feat: Disable Log_min_duration_statement Database Flag for PostgreSQL Instance by @AnjaliMadhavi-Nakirikanti in #537
- feat : Enable Confidential Computing for Compute Instance by @AnjaliMadhavi-Nakirikanti in #515
- docs: Added files via upload by @MonikaSharmaZemoso in #544
- Feat/enforce sql server user connections db flag to non limiting by @AnjaliMadhavi-Nakirikanti in #531
- fix:modified date formats by @ranadheer-b in #545
- feat: Added ECS Cluster service to data collector by @arunpaladin in #546
- Add files via upload by @MonikaSharmaZemoso in #548
- Feat/secret expiration date by @AishwaryaKulkarni97 in #543
- feat:Configure log_min_error_statement Flag for PostgreSQL Database I… by @kushZemoso in #542
- feat: Policy to check whether 'All users with following rules' is set… by @raviteja-mandala in #549
- feat: added asset trend graph, modified tiles, replaced table with ne… by @sidharthjain-zemoso in #550
- fix : fix for audit log api by @AnjaliMadhavi-Nakirikanti in #553
- Revert "chore/external_alb_need_https" by @rnithinpaladin in #556
- feat: remove user options db flag for sql server by @AishwaryaKulkarni97 in #552
- feat: Added new asset summary screen by @sidharthjain-zemoso in #557
- fix: Modified existing SQL Query by @arunpaladin in #555
- fix: Completed p0 tasks and fixed style related bugs in dashboard and asset-summary by @sidharthjain-zemoso in #565
- feat: Added Asset Distribution Screen by @ranadheer-b in #566
- chore: updated version by @santhosh-challa in #571
- fix: removed quotes for user options for release branch by @AishwaryaKulkarni97 in #575
- fix: Asset API correction by @dheerajkholia-paladin in #576
- refactor: description and policy name changes by @raviteja-mandala in #580
- fix: added asset group for exception and audit by @ranadheer-b in #581
- Fix: Asset group update failure by @dheerajkholia-paladin in #582
- Fix/audit log issue v1.5.0 by @AnjaliMadhavi-Nakirikanti in #569
- Fix/log min error flag by @kushZemoso in #585
- fix: fixed ui inconsistencies by @sidharthjain-zemoso in #588
- removed google anaytics by @rnithinpaladin in #590
- Fix/bug fixes v1.5.0 by @ranadheer-b in #591
- updated sql query to disable unused target type by @arunpaladin in #594
- added config_url to rule_engine rules by @rnithinpaladin in #596
- fix:esurl by @kushZemoso in #598
- Fix/bug fixes by @ranadheer-b in #600
- fixed audit log bug by @ranadheer-b in #602
New Contributors
- @MonikaSharmaZemoso made their first contribution in #544
Full Changelog: 1.4.0...1.5.0