Merge pull request #39 from aws-solutions/release/v1.1.0

Release v1.1.0

Author: abewub

CHANGELOG.md

@@ -5,21 +5,56 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [1.1.0] - 2025-01-27
+
+### Added
+
+- Daily policy scan via EventBridge Rule / Step Function that records all found policies in DynamoDB
+- PolicyExplorer page on the UI
+- Ability to export all result tables as .csv
+- Support for policy scans in AWS services: AWS RAM, EventBridge Schemas, AWS Systems Manager Incident Manager Contacts,
+  Redshift, ACM-PCA and Lex v2
+- Support for Service Control Policies
+
+### Changed
+
+- Deprecated Resource Based Policy module in favor of Policy Explorer. Data from previous Resource Based Policy scans
+  can still be viewed, but cannot start new scans.
+- Upgraded Amplify library from v5 to v6
+- Upgraded mock-service-worker library from v1 to v2
+- Upgraded from create-react-app to vite
+
+### Fixed
+
+- Make handling of 'content-type' request header case-insensitive to be more resilient to API Gateway service changes
+- API error responses are now displayed on the UI properly, no longer disguised as CORS problems
+
+### Removed
+
+- ApplicationInsightsConfiguration due to race condition that caused intermittent deployment failures. Customer can
+  still set up ApplicationInsights through AWS Console if desired.
+
 ## [1.0.16] - 2024-11-27
 
 ### Changed
 
 - Updated dependencies to address cross-spawn CVE-2024-21538
 
-## [1.0.15] - 2024-10
+## [1.0.16] - 2024-11-27
+
+### Changed
+
+- Updated dependencies to address cross-spawn CVE-2024-21538
+
+## [1.0.15] - 2024-10-23
 
 ### Changed
 
 - Updated dependencies to mitigate CVE-2024-21536
 - Add poetry.lock to pin dependency versions for Python code
 - Adapt build scripts to use Poetry for dependency management
 
-## [1.0.14] - 2024-10
+## [1.0.14] - 2024-10-15
 
 ### Changed
 
@@ -31,36 +66,36 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 - Add poetry.lock file to support reproducible builds, improve vulnerability scanning
 
-## [1.0.13] - 2024-9
+## [1.0.13] - 2024-09-24
 
 - Upgrade `rollup` to mitigate [CVE-2024-47068](https://nvd.nist.gov/vuln/detail/CVE-2024-47068)
 
-## [1.0.12] - 2024-9
+## [1.0.12] - 2024-09-17
 
 - `path-to-regexp` to mitigate [CVE-2024-45296](https://avd.aquasec.com/nvd/cve-2024-45296)
 
-## [1.0.11] - 2024-9
+## [1.0.11] - 2024-09-12
 
 ### Fixed
 
 - Added support for keys `aws:SourceOrgID`, `aws:SourceOrgPaths` in policy conditions
 
-### Updated dependencies
+### Changed
 
 - `moto` from v4.x to v5.x for python unit tests
 - `micromatch` to mitigate [CVE-2024-4067](https://avd.aquasec.com/nvd/cve-2024-4067)
 - `webpack` to mitigate [CVE-2024-43788](https://avd.aquasec.com/nvd/cve-2024-43788)
 - `express` to mitigate [CVE-2024-43796](https://avd.aquasec.com/nvd/cve-2024-43796)
-- `send` to mitigate [CVE-2024-43799 ](https://avd.aquasec.com/nvd/cve-2024-43799)
+- `send` to mitigate [CVE-2024-43799](https://avd.aquasec.com/nvd/cve-2024-43799)
 - `serve-static` to mitigate [CVE-2024-43800](https://avd.aquasec.com/nvd/cve-2024-43800)
 - `path-to-regexp` to mitigate [CVE-2024-45296](https://avd.aquasec.com/nvd/cve-2024-45296)
 - `body-parser` to mitigate [CVE-2024-45590](https://avd.aquasec.com/nvd/cve-2024-45590)
 
-## [1.0.10] - 2024-8
+## [1.0.10] - 2024-08-13
 
 - Upgrade `axios` to mitigate [CVE-2024-39338](https://nvd.nist.gov/vuln/detail/CVE-2024-39338)
 
-## [1.0.9] - 2024-08
+## [1.0.9] - 2024-08-01
 
 ### Security
 
@@ -72,32 +107,32 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
   The failed buckets will be reported as individual failures with bucket name in on the solution UI, while scan results
   for all other buckets will be reported successfully.
 
-## [1.0.8] - 2024-06
+## [1.0.8] - 2024-06-18
 
 ### Fixed
 
 - Updated package versions to resolve security vulnerabilities.
 
-## [1.0.7] - 2024-06
+## [1.0.7] - 2024-06-07
 
 ### Fixed
 
 - Updated package versions to resolve security vulnerabilities.
 
-## [1.0.6] - 2024-03
+## [1.0.6] - 2024-03-29
 
 ### Fixed
 
 - Updated package versions to resolve security vulnerabilities.
 - Pinned boto3 and botocore versions to ~1.34.0
 
-## [1.0.5] - 2023-10
+## [1.0.5] - 2023-10-29
 
 ### Fixed
 
 - Updated package versions to resolve security vulnerabilities.
 
-## [1.0.4] - 2023-04
+## [1.0.4] - 2023-04-17
 
 ### Changed
 

CODE_OF_CONDUCT.md

@@ -1,4 +1,2 @@
 ## Code of Conduct
-This project has adopted the [Amazon Open Source Code of Conduct](https://aws.github.io/code-of-conduct). 
-For more information see the [Code of Conduct FAQ](https://aws.github.io/code-of-conduct-faq) or contact 
-[email protected] with any additional questions or comments.
+This project has adopted the [Amazon Open Source Code of Conduct](https://aws.github.io/code-of-conduct). For more information see the [Code of Conduct FAQ](https://aws.github.io/code-of-conduct-faq) or contact [email protected] with any additional questions or comments.

CONTRIBUTING.md

@@ -6,66 +6,54 @@ documentation, we greatly value feedback and contributions from our community.
 Please read through this document before submitting any issues or pull requests to ensure we have all the necessary
 information to effectively respond to your bug report or contribution.
 
-
 ## Reporting Bugs/Feature Requests
 
 We welcome you to use the GitHub issue tracker to report bugs or suggest features.
 
-When filing an issue, please
-check [existing open](https://github.com/aws-solutions/account-assessment-for-aws-organizations/issues),
-or [recently closed](https://github.com/aws-solutions/account-assessment-for-aws-organizations/issues?utf8=%E2%9C%93&q=is%3Aissue%20is%3Aclosed%20),
-issues to make sure somebody else hasn't already
+When filing an issue, please check [existing open](https://github.com/aws-solutions/automated-security-response-on-aws/issues), or [recently closed](https://github.com/aws-solutions/automated-security-response-on-aws/issues?utf8=%E2%9C%93&q=is%3Aissue%20is%3Aclosed%20), issues to make sure somebody else hasn't already
 reported the issue. Please try to include as much information as you can. Details like these are incredibly useful:
 
-* A reproducible test case or series of steps
-* The version of our code being used
-* Any modifications you've made relevant to the bug
-* Anything unusual about your environment or deployment
-
+- A reproducible test case or series of steps
+- The version of our code being used
+- Any modifications you've made relevant to the bug
+- Anything unusual about your environment or deployment
 
 ## Contributing via Pull Requests
+
 Contributions via pull requests are much appreciated. Before sending us a pull request, please ensure that:
 
-1. You are working against the latest source on the *master* branch.
+1. You are working against the latest source on the _master_ branch.
 2. You check existing open, and recently merged, pull requests to make sure someone else hasn't addressed the problem already.
 3. You open an issue to discuss any significant work - we would hate for your time to be wasted.
 
 To send us a pull request, please:
 
 1. Fork the repository.
 2. Modify the source; please focus on the specific change you are contributing. If you also reformat all the code, it will be hard for us to focus on your change.
-3. Ensure all build processes execute successfully (see README.md for additional guidance).
-4. Ensure all unit, integration, and/or snapshot tests pass, as applicable.
-5. Commit to your fork using clear commit messages.
-6. Send us a pull request, answering any default questions in the pull request interface.
-7. Pay attention to any automated CI failures reported in the pull request, and stay involved in the conversation.
+3. Ensure local tests pass.
+4. Commit to your fork using clear commit messages.
+5. Send us a pull request, answering any default questions in the pull request interface.
+6. Pay attention to any automated CI failures reported in the pull request, and stay involved in the conversation.
 
 GitHub provides additional document on [forking a repository](https://help.github.com/articles/fork-a-repo/) and
 [creating a pull request](https://help.github.com/articles/creating-a-pull-request/).
 
-
 ## Finding contributions to work on
 
-Looking at the existing issues is a great way to find something to contribute on. As our projects, by default, use the
-default GitHub issue labels ((enhancement/bug/duplicate/help wanted/invalid/question/wontfix), looking at
-any ['help wanted'](https://github.com/aws-solutions/account-assessment-for-aws-organizations/labels/help%20wanted)
-issues is a great place to start.
-
+Looking at the existing issues is a great way to find something to contribute on. As our projects, by default, use the default GitHub issue labels ((enhancement/bug/duplicate/help wanted/invalid/question/wontfix), looking at any ['help wanted'](https://github.com/aws-solutions/automated-security-response-on-aws/labels/help%20wanted) issues is a great place to start.
 
 ## Code of Conduct
+
 This project has adopted the [Amazon Open Source Code of Conduct](https://aws.github.io/code-of-conduct).
 For more information see the [Code of Conduct FAQ](https://aws.github.io/code-of-conduct-faq) or contact
 [email protected] with any additional questions or comments.
 
-
 ## Security issue notifications
-If you discover a potential security issue in this project we ask that you notify AWS/Amazon Security via our [vulnerability reporting page](http://aws.amazon.com/security/vulnerability-reporting/). Please do **not** create a public GitHub issue.
 
+If you discover a potential security issue in this project we ask that you notify AWS/Amazon Security via our [vulnerability reporting page](http://aws.amazon.com/security/vulnerability-reporting/). Please do **not** create a public github issue.
 
 ## Licensing
 
-See the [LICENSE](https://github.com/aws-solutions/account-assessment-for-aws-organizations/blob/main/LICENSE.txt) file
-for our project's licensing. We will ask you to confirm the licensing of your contribution.
+See the [LICENSE](https://github.com/aws-solutions/automated-security-response-on-aws/blob/main/LICENSE.txt) file for our project's licensing. We will ask you to confirm the licensing of your contribution.
 
-We may ask you to sign
-a [Contributor License Agreement (CLA)](http://en.wikipedia.org/wiki/Contributor_License_Agreement) for larger changes.
+We may ask you to sign a [Contributor License Agreement (CLA)](https://en.wikipedia.org/wiki/Contributor_License_Agreement) for larger changes.