Releases: awslabs/ssosync
v2.2.8
v2.2.7
- Adding concurrency limits to prevent potential race condition or overlapping execution.
- updates to dependancies for GitHub workflows
- Extend allowed SCIM access token length
- Improve ReadMe readability
Changelog
- 4b3661b Addressing workflow issues
- 00d3bb3 Bump github.com/hashicorp/go-retryablehttp from 0.7.0 to 0.7.7 (#205)
- c7a866c Fixes for workflow automations (#214)
- 3266d73 Restrict Maximum Concurrency for the ssosync lambda to 1 #207
- 72e2724 Updated fix for SCIMEndpointAccessToken (#215)
- c6c6956 fix readme document (#195)
- 1080aca workflow update
v2.1.0
Switch lambda to provided.al2 powered by ARM64 instances.
- user and group selection fields in the Cloudformation template can now be left empty where not required and will not be added as environment variables to the Lambda function, this provides consistency with CLI use of ssosync.
- Stronger validation of parameters in the Cloudformation template, to improve likelihood of success for new users.
- Now supports multiple deployment patterns, defaults are consistent with previous versions.
- Configurable log retention for the Lambda's CloudWatch logs. Default is old behavior of indefinite retention.
- Lambda timeout is now configurable. Default is old static setting.
- Additional tests in CICD to cover the above new functionality.
- Consolidation of Test Secrets for the release pipeline to be in the production account, rather than all accounts, reduces admin when secrets need to be updated.
App + secrets This is the default mode and fully backwards compatible with previous versions
App only This mode does not create the secrets but expects you to deployed a separate stack using the Secrets only mode within the same account
If you want to use your own existing secrets then provide them as a comma separated list in the CrossStackConfig field in the following order: ,,,,,,
App for cross-account This mode is used where you have deployed the secrets in a separate account, the arns of the KMS key and secrets need to be passed into the CrossStackConfig field, It is easiest to have created the secrets in the other account using the Secrets for cross-account mode, as the output can simply copied and pasted into the above field.
Secrets only This mode creates a set of secrets but does not deploy the app itself, it requires the app is deployed in that same account using the App only mode. This allows for decoupling of the secrets and the app.
Secrets for cross-account This mode creates a set of secrets and KMS key but does not deploy the app itself, this is for use with an app stack, deployed using the App for cross-account mode. This allows for a single set of secrets to be shared with multipl app instance for testing, and improve secrets security.
Changelog
- 98435c9 Add Deletion/Update Policies to ArtifactBucketKey
- 7745881 Add Regex validation of schedule
- cd15fd5 Add log retention (#154)
- 10eff9f Add missing environment variable to README
- 2fbfe60 Adding SingleStack Test
- cdadba9 Adjusting Test pipeline naming
- fc9b6f4 Correct Param inclusion logic
- fa3082b Creating Cross-Account Secrets pipelines
- ce8037f Debugging the deployment for cross account secrets
- 217e744 Fixes Regexes
- 29b4794 Improving param validation in template
- 1a731bd Make the lambda timeout setting user configurable
- 66f093d Moving SAR-Staging item into account_execution stage
- dad4aa8 Prep for adding deploy_pattern test scenarios
- 0e0e787 Revert "Update buildspec.yml"
- 7fd13bb Revert "adjusting CICD for new template options"
- 69ca6df Revert "remove region from test template"
- 2544888 SingleStack test.
- 315e85d Squashed commit of the following:
- 971e99d Template Fixes
- 0533ffa Update CICD to match template changes
- 014accf Update README with lambda SLA warning
- 9c62032 Update README.md
- eb5f523 Update README.md
- e659dff Update README.md
- d93f2c1 Update buildspec.yml
- 5c969fd Update buildspec.yml
- f68a295 Update buildspec.yml
- f89e3ff Update buildspec.yml
- 3723f34 Update buildspec.yml
- 03b8068 Update buildspec.yml
- 63140f5 Update main.yml
- ed6a9ef Update release.yaml
- c116b36 Update release.yaml
- 18318e7 Update release.yaml
- 241b43e Update release.yaml
- 5c41ed3 Update release.yaml
- 802058d Update release.yml
- 2f28e12 Update stack.yml
- c3b8736 Update stack.yml
- f5f11c9 Update stack.yml
- 728dfeb Update template.yaml
- 38f3549 Update template.yaml
- 25520c9 Update template.yaml
- d6a67ce Update template.yaml
- e673bfe Update template.yaml
- 99d809a Update template.yaml
- 6bce498 Update template.yaml
- cf280d4 Update template.yaml
- cba9b34 Update template.yaml
- 34bee9d Update template.yaml
- e4e846e Update template.yaml
- f6bbaf7 Update template.yaml
- beb3ce7 Update testing.yaml
- 4cd4b7e Updating README and CICD.
- 4277064 Updating for Single Secrets set
- 2518e2e Updating guidance.
- 54617e3 Updating paths to reflect new paths
- 59fa49d Updating to use a single set of secrets in the pipeline account.
- 99a1a69 adjusting CICD for new template options
- 410be6f feat: migrate from deprecated go1.x to provided.al2 and use arm64
- 278ce0f remove region from test template
- 7a39664 updating for new path structure