This repository was archived by the owner on Oct 4, 2024. It is now read-only.
Release 1.7.2(legacy)
·
1035 commits
to master
since this release
What’s Changed
Dependency updates
New cfn-nag rules
- W83 DynamoDB Accelerator (DAX) Cluster should have encryption enabled
- W84 CloudWatchLogs LogGroup should specify a KMS Key Id to encrypt the
log data - W85 ElasticsearchcDomain should have NodeToNodeEncryptionOptions enabled
- W86 CloudWatchLogs LogGroup should specify RetentionInDays to expire the
log data - W87 ApiGateway Deployment should have cache data encryption enabled when
caching is enabled in StageDescription properties - W88 Kinesis Firehose DeliveryStream of type DirectPut should specify
SSE. - W89 Lambda functions should be deployed inside a VPC
- W90 ElasticsearchcDomain should be inside vpc, should specify VPCOptions
- W91 Database Migration Service replication instances are public,
property PubliclyAccessible should be set to false - W92 Lambda functions should define ReservedConcurrentExecutions to
reserve simultaneous executions