github awslabs/landing-zone-accelerator-on-aws v1.13.0-experimental-a
on GitHub

latest releases: v1.13.0, v1.12.6
pre-releaseone month ago

Important Notice: Experimental Release v1.13.0

We are pleased to announce an experimental release of the Landing Zone Accelerator on AWS, providing early access to upcoming features and improvements.

Intended Usage and Environment Considerations

This experimental release is specifically designed for evaluation and testing purposes in development environments only. Given the nature of pre-release software and ongoing refinements, we strongly advise against deploying these features in production environments at this time. Organizations should continue to rely on our latest official release for production workloads to ensure maximum stability and support coverage.

Support and Issue Reporting Guidelines

Any issues encountered while using this experimental release should be reported directly through our GitHub issues, rather than through AWS Support directly. This approach allows our development team to rapidly address feedback and incorporate improvements into the upcoming official release. When submitting GitHub issues, please clearly indicate that it relates to the experimental release (experimental/v1.13.0) to help us properly track and address your input.

Path to Official Release

Features and improvements introduced in this experimental release will undergo thorough testing and refinement before being incorporated into an official release. We encourage users to subscribe to our repository notifications to stay informed about updates and the timeline for official release availability.# Release Notes - Version 1.13.0

Breaking Changes

For users who previously utilized the ACCELERATOR_NO_ORG_MODULE environment variable in the AWSAccelerator-ToolkitProject CodeBuild project to address AWS Control Tower API errors during organizational unit registration, please note the following changes after upgrading to LZA v1.13.0:

  1. Remove the ACCELERATOR_NO_ORG_MODULE variable.
  2. Add four new environment variables to the AWSAccelerator-ToolkitProject:
    - SkipCreateOrganizationalUnit
    - SkipRegisterOrganizationalUnit
    - SkipInviteAccountsToOrganizations
    - SkipMoveAccounts
  3. Set each of these new variables to "yes" to maintain functionality similar to the previous ACCELERATOR_NO_ORG_MODULE setting.
    These changes provide more granular control over specific organizational actions while addressing the same API error concerns.

New Features

Network Refactor

A major architectural enhancement in LZA v1.13.0 transforms how network resources are deployed, significantly improving scalability for customers with complex networking needs. Previously constrained by CloudFormation's 500-resource limit per stack, the LZA now deploys each VPC in its own independent stack, eliminating restrictions on the number of VPCs that can be deployed within an AWS account and region. For more information, please see here.

CloudFormation Stack Policies

The LZA introduces support for CloudFormation Stack Policies, enabling organizations to prevent unintentional updates or deletions of critical stack resources during CloudFormation stack updates. This new capability allows for granular configuration of protected resource types within LZA-created stacks, helping organizations maintain infrastructure stability while retaining flexibility for controlled updates when needed.

RCPs and Declarative policies

The LZA has expanded its policy management capabilities by adding support for both Resource Control Policies (RCPs) and Declarative Policies. RCPs help establish data perimeters by restricting external access to resources at scale, while Declarative Policies enable you to enforce desired service configurations across your organization - such as ensuring EC2 instances only launch from approved AMIs or automatically blocking public VPC access. Both policy types are enforced centrally within Organizations, providing central governance and security teams with robust preventive controls that maintain compliance with organizational standards, even as services evolve with new features and APIs.

Performance Improvements

  • This release introduces significant performance enhancements through caching. By caching the code built by the installer pipeline, we've eliminated the need for redundant build steps in the core pipeline, reducing execution time by approximately 6 minutes per run.

  • Additionally, we've optimized CloudFormation updates by changing the default behavior to perform direct updates rather than creating change sets. This modification results in approximately 15% faster pipeline execution times, with more significant improvement in large environments. Change sets can still be enabled if preferred.

Full Changelog: v1.12.0...v1.13.0-experimental-a

Check out latest releases or
releases around awslabs/landing-zone-accelerator-on-aws v1.13.0-experimental-a

Don't miss a new landing-zone-accelerator-on-aws release

NewReleases is sending notifications on new releases.

Get notifications