Releases: fivexl/terraform-aws-cloudtrail-to-slack
4.2.0
What Changed:
Breaking Changes
It was decided to discontinue pushing the AccessDeniedByEvent metric that was added in the previous 4.1.0 release of CloudTrailToSlack. Because this metric was pushed by event type, it resulted in excessive costs.
New functionality
- Now, by default, every time Lambda receives an AccessDenied event, it pushes a TotalAccessDeniedEvents metric to CloudWatch. This metric is pushed for all access-denied events, including events ignored by rules. To separate ignored events from the total, the module also pushes a TotalIgnoredAccessDeniedEvents metric to CloudWatch. Both metrics are placed in the CloudTrailToSlack/AccessDeniedEvents namespace. This feature allows you to gain more insights into the number and dynamics of access-denied events in your AWS Organization. This functionality can be disabled by setting push_access_denied_cloudwatch_metrics to false.
- Fix and update examples in the /examples directory
Internal changes:
- Fix log formatter to properly display set and str logs.
- Fix passing boolean variables from Terraform to Python.
- More logs for debugging purposes
- Refactor rule processing to separate ignored events from others.
- Update dependencies
- Bump urllib3 from 1.26.16 to 1.26.19 in /src by @dependabot in #68
Full Changelog: 4.1.0...4.2.0
4.1.0
What's Changed
- Export CloudWatch metrics by @irazzhivin in #66
CloudTrail-to-Slack Lambda function now pushes CloudWatch metrics for all AccessDenied events, recording both the total number of such events and categorizing them by event name. This allows for monitoring and alerting on spikes in AccessDenied errors, enabling the creation of dashboards and alerts to manage these events in the AWS environment.
- Bump black from 23.7.0 to 24.3.0 in /src by @dependabot in #59
- Bump urllib3 from 1.26.18 to 1.26.19 in /src by @dependabot in #61
New Contributors
- @irazzhivin made their first contribution in #66
Full Changelog: 4.0.2...4.1.0
4.0.2
4.0.1
Change python version requirements from pinned 3.10.10 to 3.10.10 <= X <= 4.0.0 range
4.0.0
Introduced a Slack App variant for configurations, enabling:
Posting duplicated events to a thread of the previous Slack message with a configurable duration for "considering" previous events.
Introduced an SNS as another destination for notifications.
Default Rules:
Made minor fixes to the existing default rules.
Introduced more rules for:
Stopping CloudTrail logs.
Updating, deleting, and configuring the Trail.
Updating the configuration and code of the CloudTrail to Slack Lambda.
Notifications:
Slack will be notified if an object is deleted from the Access logs bucket.
Error Handling:
The module now continues parsing events even if an error is encountered. In case of a ParsingEventError, a notification is sent to Slack.
Logging:
Improved logging
Log levels
Testing:
Added tests for every default rule.
Integrated message processing tests within CI.
Dependencies: Updated internal dependencies and modules.
Configuration:
Added validation for module configurations.
Introduced an S3 notification filter prefix.
Breaking Changes:
Renamed the branch from master to main.
Full Changelog: 3.2.2...4.0.0
3.2.2
- update default rules: catch Client.UnauthorizedOperation and other UnauthorizedOperation, also catch more AccessDenied events
- default rules bug fix. "*" is not supported inside rules templates
Full Changelog: 3.2.0...3.2.2
3.2.0
- update lambda module to 4.10.1
- allow setting memory for the lambda and bump default to 256
- update lambda runtime to python 3.9
Full Changelog: 3.1.1...3.2.0