-
AFT can now be deployed without the use of a VPC and related private networking resources (NAT Gateways, VPC endpoints) by setting the
aft_enable_vpc
parameter tofalse
. This configuration allows customers to further customize their AFT deployment.aft_enable_vpc = true
by default.- NOTE: When enabling VPC by toggling
aft_enable_vpc
from false to true, you may need to run terraform apply twice in succession. This is a known public issue with the Terraform AWS Provider.
- NOTE: When enabling VPC by toggling
-
An expiration or retention period can now be set for the following AFT resources -
- AWS Backup recovery point retention period through the
backup_recovery_point_retention
parameter.backup_recovery_point_retention = None
by default. (#295) - Log archive S3 bucket objects expiration through the
log_archive_bucket_object_expiration_days
parameter.log_archive_bucket_object_expiration_days = 365 days
by default. (#405)
- AWS Backup recovery point retention period through the
-
Upgrade the Python requests library version in
aft-lambda-layer
. -
Ensure the AFT VPC default Security Group has no inbound/outbound rules, complying with AWS Foundational Security Best Practices. (#275)
-
Bug Fix: Add missing retention period for CloudWatch Log Groups associated with the Lambda and CodeBuild. (#290)
-
Bug Fix: Fix invalid resource type for action in IAM policy. (#408)