v0.3.0

Breaking Changes

• Remove providers from /examples enabling user to override them. Removed parameters now inferred from provider (#40) (#42)

Features

• enable user to provider its own cloudtrail+SNS (vía cloudtrail_sns_arn input on examples) making resource creation optional within example (#43)

Small Modifications

• narrow down sqs-sns permissions (#39)

v0.2.5

Bug Fixes

• fix permission for S3, to be able to work both with * (single-account) and specific ARN (org-account) (#38)

Small Modifications

• remove unecessary assumeRole in k8s based examples (#38)
• add org-k8s example test to CI (#38)

v0.2.4

Bug Fixes

• benchmark: single-account data org handle (#36)

Examples (Internal)

• Use case testing to enable Organizational K8s for Event Ingestion from S3 instead of Cloudtrail-SNS (#32)
  More detail on examples-interna/organizational-k8s-threat-reuse_cloudtrail/README.md

Small Modifications

• chore(permissions): homogeneize eks with ecs to remove unnecesary ones (#37)

v0.2.3

Features

• Enable optional module usage (threat-detection, scanning) in the EKS example ( #35)

Small Modifications

• Refactor single-account permissions ( #35)
• Limit permissions to ECS services for Cloud Connector and Scanning (#34)

v0.2.2

Features

• Surface region and name in benchmark examples (#28)
• Add organizational support for cloud-bench (#24)

Bugfixes

• Remove unnecessary sqs policy dependency

v0.2.1

Features

• Custom Role name in Cloud Bench (#26)

v0.2.0

Features

• Add single-account-k8s (threat + scan) (#23) deploy workloads on an existing K8s
• Add organizational cloud-scanning (#20)

Refactor

• refactor: Extract a CloudTrail Subscription SQS module

Small Modifications

• Add kitchen test to the project and create Github workflow for this test (#18)
• CI cleanup (#21)

v0.1.2

Feat

• Organizational multi-account threat-detection (with organizational cloudtrail)
• Single-account threat-detection, scanning and agentless-cloudbench