• Add resource cleanup behavior - AFT now deletes the customization pipeline and metadata record for an account when its request file is removed from the account request repo.
• Use consistent S3 Block Public Access settings for AFT buckets.
• Bugfix: Targeting suspended or non-existent accounts with the aft-invoke-customizations step function no longer causes the customization workflow to fail. These accounts now generate a warning in the logs but are otherwise ignored.
• Bugfix: The account provisioning workflow no longer fails when any Account Factory provisioned product is in a Tainted state without a prior successful event.
• Bugfix: Mitigate an issue that causes the account customization workflow to fail when an account record is present in the metadata table but has been removed from the account request table.
  • The new cleanup behavior prevents this issue from newly occurring, but does not resolve failures caused by de-synchronized metadata records that already exist.
• Bugfix: Fix case-sensitive email comparisons throughout AFT.
• Bugfix: Resolve authorization errors that appeared in AFT logs without affecting functionality.