v0.9.0

readme updated, Encrypt SNS Topic Data enabled by default @maximmi (#26)

what

• BridgeCrew compliance checks fix
• readme updated
• default behaviour changed: Encrypt SNS Topic Data enabled by default

why

• To be able to position our modules as standards compliant
• Providing explicit note about policy attached directly to user
• To comply BridgeCrew check

references

• https://docs.bridgecrew.io/docs/general_15
• https://docs.bridgecrew.io/docs/logging_13

v0.8.0

Terraform 0.14 upgrade @maximmi (#25)

what

• Upgrade to support Terraform 0.14 and bring up to current Cloud Posse standard

why

• Support Terraform 0.14

v0.7.0

fix: regenerate readmes @dotCipher (#22)

## what * Regenerates readmes

why

• There was drift since #21 was merged

references

• #21

v0.6.0

Rewrite for TF 0.12 and testing @dotCipher (#21)

## what

• Brings this module into the new ecosystem of tools used by CloudPosse, and updates terraform compatibility to v0.12.x.
• Adds .github dir with all the CloudPosse defaults
• Created a complete test case with updated CloudPosse module references
• Updated syntax for dashboard creation to use terraform native code, then jsonencode
• Extract all metric definitions into single metric_definitions.tf file for readability

why

• Hasn't been updated in a while, and I would like to use it 😄

references

• Closes #11

0.5.0 Fix parenthesis

what

• Fix parenthesis

why

• Some code did not properly include a set of parenthesis

0.4.0 Change filter expressions as per CIS Benchmark guide

what

• Change filter expressions as per CIS Benchmark guide

why

• Update 3 filters in alarms.tf as per CIS Benchmark guide.

  • Ensure a log metric filter and alarm exist for Management Console sign-in without MFA
  • Ensure a log metric filter and alarm exist for disabling or scheduled deletion of customer created CMKs
  • Ensure a log metric filter and alarm exist for AWS Config configuration changes

references

• https://d0.awsstatic.com/whitepapers/compliance/AWS_CIS_Foundations_Benchmark.pdf

related

• Closes #9

0.3.0 Fix permissions

what

• Fix permissions

why

• The alerts do not originate from events.amazonaws.com

0.2.0: Add extra filters to comply with CIS AWS benchmark (#7)

* Add filter for sign in with no MFA

* Run build-harness/vendor/terraform fmt

* Add period at the end of no MFA alert description

* Fix no MFA dashboard layout y value

* Add root account usage filter, alarm and widget

* Add KMS key deletion filter, alarm and widget

Source: https://docs.aws.amazon.com/kms/latest/developerguide/deleting-keys-creating-cloudwatch-alarm.html

* Add AWS config changes filter, alarm and widget

* Add route table changes filter, alert and widget

* Fix alarm description

* Add new metrics to the README

* Update available targets, autogenerated

* Add one single (whole) period.

Regenerate README.md

what

• Regenerate README.md

why

• Previous version of build-harness has some typos

Fix readme

• Fix avatars links