Important
We highly recommend that you keep your environments up to date by upgrading to the latest version. See Update the solution for the required actions to upgrade.
Skip Bulk Updates For CloudWatch Logs
In LZA environments containing more than 5,000 CloudWatch Log Groups, some users observed the Custom::UpdateSubscriptionFilter function times out during upgrades when attempting to take action on every log group. In order to provide a path forward for these customers, the LZA added a configuration option that can be used to skip bulk updates in these instances. Please note that enabling this configuration option can cause the targeted environments to become out of sync from the configuration specified for CloudWatch Log Groups in the global configuration. For new LZA deployments after v1.12.0, we recommend customers use account level subscription filters to solve this problem.
Added
- feat(control-tower): allow expanded set of ct control identifiers
Fixed
- fix(asea): udp security group ingress rule using incorrect port definition
- fix(cloudwatch): added skip bulk updates for custom resource
- fix(sample-config): removed dash to extend preventative measures to roles
- fix(sqs): add cfn nag rules
- fix(ssm): analyze account input in share document