Releases: aws-solutions/account-assessment-for-aws-organizations
Releases · aws-solutions/account-assessment-for-aws-organizations
v1.1.3
[1.1.3] - 2025-08-04
Changed
- CDK and aws-cdk-lib version bump
- Updated TTL for Policy DynamoDB records to 1 day
Security
- Enhanced security in metrics collection by preventing .netrc credential leakage
- Mitigated [CVE-2024-47081, CVE-2025-27789, CVE-2025-50181, CVE-2025-50182, CVE-2025-5889, CVE-2025-7783]
[1.1.2] - 2025-05-22
[1.1.2] - 2025-05-19
Added
- Input validation for Cfn parameter "Deployment Namespace"
- Point in time recovery to DynamoDB tables
Fixed
- Stack deletion no longer fails if Cognito User Pool has been deleted before
- StepFunction no longer fails when scanning large numbers of accounts due to service limit inb step output size
Removed
- "Delete Job" feature
- AppRegistry integration
Changed
- Updated dependencies to address setuptools CVE-2025-47273
[1.1.1] - 2025-02-10
Changed
- Update vitest version to v3.0.5 to mitigate CVE-2025-24964
[1.1.0] - 2025-01
Added
- Daily policy scan via EventBridge Rule / Step Function that records all found policies in DynamoDB
- PolicyExplorer page on the UI
- Ability to export all result tables as .csv
- Support for policy scans in AWS services: AWS RAM, EventBridge Schemas, AWS Systems Manager Incident Manager Contacts,
Redshift, ACM-PCA and Lex v2 - Support for Service Control Policies
Changed
- Deprecated Resource Based Policy module in favor of Policy Explorer. Data from previous Resource Based Policy scans
can still be viewed, but cannot start new scans. - Upgraded Amplify library from v5 to v6
- Upgraded mock-service-worker library from v1 to v2
- Upgraded from create-react-app to vite
Fixed
- Make handling of 'content-type' request header case-insensitive to be more resilient to API Gateway service changes
- API error responses are now displayed on the UI properly, no longer disguised as CORS problems
[1.0.16] - 2024-11
Changed
- Updated dependencies to address cross-spawn CVE-2024-21538
v1.0.15
[1.0.15] - 2024-10
Changed
- Updated dependencies to mitigate CVE-2024-21536
- Add poetry.lock to pin dependency versions for Python code
- Adapt build scripts to use Poetry for dependency management
v1.0.14
[1.0.14] - 2024-10
Changed
- Remove dependencies
bootstrapanddatefns - Allow backend to accept uppercase http headers, to prevent errors when receiving uppercase
Content-type - Replace pip3/requirements.txt dependency management with Poetry
Added
- Add poetry.lock file to support reproducible builds, improve vulnerability scanning
v1.0.13
[1.0.13] - 2024-9
- Upgrade
rollupto mitigate CVE-2024-47068
v1.0.12
v1.0.11
[1.0.11] - 2024-9
Fixed
- Added support for keys
aws:SourceOrgID,aws:SourceOrgPathsin policy conditions
Updated dependencies
motofrom v4.x to v5.x for python unit testsmicromatchto mitigate CVE-2024-4067webpackto mitigate CVE-2024-43788expressto mitigate CVE-2024-43796sendto mitigate CVE-2024-43799serve-staticto mitigate CVE-2024-43800path-to-regexpto mitigate CVE-2024-45296body-parserto mitigate CVE-2024-45590