Skip to content

v0.3.0
Compare
Choose a tag to compare
@bundyfx bundyfx released this 28 Apr 17:47
· 389 commits to master since this release
v0.3.0
f770f3f
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

v0.3.0

New Functionality - SCPs

You can now use ADF to manage and automate the process of applying Service Control Policies throughout your Organization. Application of SCPs works in a similar way to bootstrapping base stacks in ADF. Place a scp.json file in the corresponding Organizational Unit folder in the bootstrap_repository and it will be automatically applied to that OU, if its removed it will be detached from the OU and deleted. To get started see the scp-example.json, also read the admin guide and SCP Documentation.

Description of changes:

  • SCPs functionality - Resolves #25

  • The master account can now be bootstrapped like any other account and can also have Deployment Pipelines target it. Resolves #19

  • Pyyaml has been updated to 5.1 stable in requirements.txt

  • Removed relative pathing for tests

  • Adding tests for account_bootstrap.py

  • Updated 'remove_base' in adfconfig.yml to also accept 'remove-base' - removing underscores in config options

  • Cleaned up unnecessary passing of boto3 library into class constructors

  • Updated code-commit-role on the master account to be titled adf-codecommit-role-base (avoid naming clash if default global.yml is applied)

  • Added BucketPolicy to the BootstrapTemplatesBucket to allow the Organization access to streamline master account bootstrap + pipeline capability.

  • CloudFormation no longer attempts to use template_body at all throughout ADF but uses template_url for all base and pipelines stacks - allowing much high limits on sizing. (previous it was just pipelines using template_url)

  • Organize Documentation to better suit admin vs user guide

  • General Code Cleanup (more to come)

  • The role that is assumed by the Deployment Account back to the master account to query Organizations has been renamed from "${CrossAccountAccessRole}-org-access-adf" to match the CrossAccountAccessRole that has been defined in the adfconfig.yml. CloudFormation will update this role on the next run of the UpdateBaseStacks pipeline.

  • The base stack created in the deployment region on the master account adf-global-base-adf-build is now updatable and will update on each run of the UpdateBaseStacks pipeline.

  • BUG FIX: Fixed a bug that caused 'organization_id' to be unavailable if performing fresh install

  • BUG FIX: Notification Emails were being sent when they shouldn't need to, defining the account had been bootstrapped into 'None'

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

Assets 3
Loading