Releases: quixoticmonk/cdk-nag
Releases · quixoticmonk/cdk-nag
v2.0.2
v2.0.1
v2.0.0
2.0.0 (2024-01-19)
⚠ BREAKING CHANGES
- S3BucketServerSideEncryptionEnabled rule is removed since S3 encrypts all new objects by default now.
https://aws.amazon.com/blogs/aws/amazon-s3-encrypts-new-objects-by-default/ - NagPack: Rule name consistency and system simplification (cdklabs#465)
- NIST 800-53 rev 4: Renaming NIST 800-53 pack in preparation for rev 5 pack (cdklabs#416)
Features
- ability to conditionally ignore suppressions (#1214) (6760c1b), closes #1010
- addResourceSuppressionsByPath throws error when resource is not found. (#836) (9dfbbc6)
- aws-cdk v2 support (#469) (03430b2)
- AwsSolutions: new ECS, EKS, EMR, Glue, MediaStore, RDS, SNS, and SQS rules (#621) (d6d8653)
- AwsSolutions: Update Aws Solutions rules (#435) (adeaa03)
- base64 encode reason when multibyte characters exist (#1000) (6f095f1), closes #999
- CloudFrontDistributionHttpsViewerNoOutdatedSSL rule (#717) (7d4c4de), closes #716
- core: Intrinsic Function handling (#400) (6fda15d)
- core: simpler rule creation system with error handling (#391) (507180d), closes #390 #388
- EC2IMDSv2Enabled rule (#1265) (d8736ba)
- EventBridge: EventBusOpenAccess rule (#636) (59c27b5)
- export rules as package (#486) (99a6d00), closes #482 #485
- Go support (#986) (948201f)
- Go support (#992) (32754b4)
- Granular findings for log export based rules (#679) (#684) (d737655)
- HIPAA Security, NIST 800 53 rev 4, NIST 800 53 rev 5, PCI DSS 321: implemented some previously excluded rules (#450) (daa26d7)
- HIPAA Security: Add 3 EC2 checks (#317) (9a6732b), closes #189 #191 #239
- HIPAA Security: add Cloudtrail checks (#313) (97883ae), closes #166 #168 #169
- HIPAA Security: API Gateway Rules (#323) (bd72956), closes #160 #161 #162 #163
- HIPAA Security: AutoScaling checks (#338) (f97b907), closes #164 #165
- HIPAA Security: CloudWatch Check (#376) (403efbd), closes #173
- HIPAA Security: CloudWatch checks (#339) (e6af24d), closes #171 #172
- HIPAA Security: CodeBuild checks (#340) (e6cbc8d), closes #174 #175
- HIPAA Security: DMS check (#341) (a9a7022), closes #176
- HIPAA Security: DynamoDB check (#342) (49c55a0), closes #179
- HIPAA Security: EC2 Checks (#367) (c9f637a), closes #185 #187 #238 #242
- HIPAA Security: ECS check (#344) (aa40fed), closes #243
- HIPAA Security: EFS check (#346) (ce04f57), closes #244
- HIPAA Security: Elastic Beanstalk Check (#377) (8099ecd), closes #248
- HIPAA Security: ElastiCache check (#347) (03e5f82), closes #246
- HIPAA Security: ElasticBeanstalk check (#353) (85f00a5), closes #247
- HIPAA Security: ELB checks (#349) (493a269), closes #158 #159 #253 #254 #255 #256 #257 #258
- HIPAA Security: EMR check (#358) (ed0ab3b), closes #259
- HIPAA Security: IAM Checks (#360) (4e6d7a6), closes #193 #195 #196 #198 #200
- HIPAA Security: initializing rules pack with initial list of excluded rules ([cdklabs#288](http...