v2.1.0

[2.1.0] - 2024-06-17

Added

• Support for China regions.
• Support for GovCloud regions.
• Support for Opt-in regions.
• Policies will now update automatically when a new version of policy_manifest.json file is uploaded to the solution's PolicyManifest S3 bucket.
• Automations for AWS Shield Advanced subscribers to set up health-based detection and proactive engagement. This includes three new CloudFormation templates: aws-fms-shield-automations-prereq, aws-fms-shield-automations, and aws-fms-proactive-event-response.
• Option to subscribe to SNS topic for error notifications.
• Integration with Amazon X-Ray.
• Lambda layer for utilities shared by solution's lambda functions.
• Snapshots for CDK stacks in source/resources/__tests__.
• upload-s3-dist.sh script to the /deployment directory to upload solution artifacts directly to S3.

Changed

• Updated default policy_manifest.json to enable AWS Shield Advanced automatic application-layer DDoS protection in "count" mode for Shield Advanced policies deployed by the solution via Firewall Manager. Currently, AWS Shield supports this feature for CloudFront distributions and Application Load Balancers only.
• General refactor to increase code and unit test clarity.
• policyUpdateToken is no longer stored in DynamoDB, instead it is retrieved using FMS GetPolicy API.
• Removed anonymized metrics publishing from PreReqManager Lambda function.
• Removed UUID from the Prerequisite stack.
• Updated wording from "anonymous" to "anonymized" for metric publishing.
• Removed MetricsQueue resource & MetricsManager Lambda function and consolidated metrics publishing to the utilsLayer.
• Enhanced log statements to use Lambda Powertools Logger.
• Enhanced SSM Parameter retrieval to use Lambda Powertools.
• Upgraded dependencies with npm upgrade.

Fixed

• Fixed bug in Prerequisite stack which halted AWS Organizations trusted access with CloudFormation StackSets from being activated.