StackZone AWS Core: v4.45.x Release
Release Notes
Eduardo Van Cauteren
Last Update 22 天前
Highlights
New Features:
- Added AWS Config Rule: Elastic Beanstalk Logs to CloudWatch
- Added AWS Config Rule: Elastic Beanstalk Enhanced Health Reporting
- Added AWS Config Rule: S3 Bucket Blacklisted Actions Prohibited
- Added AWS Config Rule: S3 Account Level Public Access Blocks Periodic
- Added AWS Config Rule: S3 Bucket Policy Grantee Check
Added AWS Config Rule: OpenSearch Data Node Fault Tolerance
Added a remediation to AWS Config rule: OpenSearch HTTPS Required
- Added a remediation to AWS Config rule: IAM User Unused Credential
- Added new SCP to block purchase reservations in all accounts except primary
- Added an option in Access Analyzer to check unused IAM Accesses
- All accounts and managed regions will now have IMDSv2 enabled by default
Bug Fixes
Bug Fixes:
- Added several permissions for GuardDuty findings in StackZone limited role
- Added various read permissions to StackZone operations role
- Fixed a bug to prevent Access Analyzer being built in other than the primary region
- Updated Boto 3 Lambda layer to the latest version
- Fixed CloudTrail KMS Rotation parameter value
- Disable AutoEnable and AutoEnableStandards when delegating Security Hub
- Added some missing Info Panels
Known Issues
- STNO deployment fails when there are more than one StackZone enabled region in the Organization
- Remediations in Operations > Security Compliance > Rules may fail when executed
v4.45.1 Additions
Bug Fixes:
- Fixed parameter for KMS Cloudtrail Rotation
v4.45.2 Additions
Bug Fixes:
- Fixed Serverless Transit Network Orchestrator - this feature has been upgraded to v3.3.3 in line with AWS Solutions
- Added Organizations permission to OperationsRole
Want to know more about StackZone and how to make your cloud management simple and secure?
Check our how it works section with easy to follow videos or just create your own StackZone Account here
