github aws-samples/aws-security-reference-architecture-examples v2.1.0
SRA v2.1.0


Contributions

What was added?

  • Account Alternate Contacts solution to configure billing, operations, and security contacts within all accounts in the organization. Notable patterns included in this solution are:
    • Ability to exclude accounts via Account tags.
    • A scheduled event rule to capture Account status changes (e.g. suspended to active).
      • Also, we included the ability to trigger the Lambda Function ad hoc before the next scheduled run.
    • Global Organization events are forwarded to the Home region default EventBus for triggering the Lambda function.
    • The AWS Organizations Event Rule triggers the AWS Lambda Function when updates are made to accounts within the organization.
      • When AWS Accounts are added to the AWS Organization outside of the AWS Control Tower Account Factory (e.g. account created via the AWS Organizations console, account invited from another AWS Organization).
      • When tags are added or updated on AWS Accounts.
  • GitHub Actions were added to perform quality and security checks on pull requests and pushes to the main branch.
  • An Example Solution Table was added to the main README, providing additional information about each solution, such as what Control Tower provides and dependencies.

What was changed?

  • Security Hub solution was updated to enable the management account before adding it as a member to the delegated admin account.
  • Security Hub and Common Prerequisites solutions were updated to handle Control Tower environments with a single governed region.
  • Updated solutions to include a condition for Graviton-supported regions.
  • Updated the Common Prerequisites solution README to remove deploying the Staging S3 Bucket within the Solution Deployment steps.
  • The DOWNLOAD-AND-STAGE-SOLUTIONS.md document now includes deploying the Staging S3 Bucket step.
  • Updated the DOWNLOAD-AND-STAGE-SOLUTIONS.md document to include deploying the Staging S3 Bucket template. Also, added an AWS CLI command for deploying the template via the command line.
  • Updated the Solution Deployment instructions in all solution README files to include AWS CLI commands for deploying the main templates. The AWS CLI command can be used to deploy the template via the command line within tools like CloudShell.
  • Updated all main template parameters that allow a blank string to include a default empty string, allowing the AWS CLI command to work without passing the optional parameters.
