Releases: cloudposse-archives/turf
v0.20.0
v0.19.0
Update github output syntax @max-lobur (#56)
## what Update github output syntaxwhy
Following github docs
references
v0.18.0
git.io->cloudposse.tools update @dylanbannon (#50)
## what and why Change all references to `git.io/build-harness` into `cloudposse.tools/build-harness`, since `git.io` redirects will stop working on April 29th, 2022.References
- DEV-143
v0.17.0
v0.16.0
updates to support priv sessions @mcalhoun (#41)
## what- Update to support privileged session for the security hub disable-global-control command
- Add retry logic to
UpdateStandardsControl
why
- When using AWS SSO and a profile, it is not necessary to assume a separate role
- When disabling a large number of controls, we often got
429
rate limit exceeded messages, so the retry logic deals with that
v0.15.0
- No changes
v0.14.0
allow security hub disable controls to run without role @mcalhoun (#39)
## whatAllow use of the current session in the aws disable-global-controls
command via the --privileged
flag rather than specifying a role ARN
why
When using an IAM user or AWS SSO, the user can run with the currently exported credentials (or specify a profile) rather than a role ARN. In the following example, the user would be deleting all the Security Hub Global Controls in the security
account:
$ AWS_PROFILE=acme-gbl-security-admin turf aws disable-global-controls --global-collector-region us-east-1 --privileged
v0.13.0
allow use of privileged session @mcalhoun (#36)
## whatAllow use of the current session in the aws delete-default-vpcs
command via the --privileged
flag rather than specifying a role ARN
why
When using an IAM user or AWS SSO, the user can run with the currently exported credentials (or specify a profile) rather than a role ARN. In the following example, the user would be deleting all the VPCs in the security
account:
$ AWS_PROFILE=acme-gbl-security-admin turf aws delete-default-vpcs --privileged --delete
v0.12.0
filter out ap-northeast-3 region @mcalhoun (#33)
# what- Exclude
ap-northeast-3
region from the enabled regions API call - Remove some redundant type specifications
- Update the docs to be more clear on what is deleted when VPCs are deleted
why
- The AWS SDK for Go currently doesn't generate endpoints for the
ap-northeast-3
region and an issue has been opened to track this.