Skip to content

v1.0.0
Compare
Choose a tag to compare
@statefb statefb released this 03 Jun 05:31
· 272 commits to v1 since this release
v1.0.0
c57f34f
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Major Update Notice (v1)

⚠️ WARNING⚠️

  • This is a significant update that includes essential security improvements and a migration from the old version (v0.x.x). Please refer to the migration guide. Failure to follow the migration process may result in ALL DATA IN Aurora cluster BEING DESTROYED, and existing bots will no longer function.
  • The main branch is no longer maintained. v1 branch is now default.

New Features

  • Bot Creation Permission: Users can now explicitly allow bot creation, providing more control over bot management. #319 by @Yukinobu-Mine

Enhancements

All of enhancements are regarding security.

  • RDS Encryption: Enabled storage encryption for RDS to protect data at rest.
  • Credential Security: Database usernames and passwords are no longer stored in plaintext in the environment variables of ECS containers and Lambda functions. They are now securely retrieved via Secrets Manager.
  • RDS Authentication: Rotated RDS authentication credentials stored in Secrets Manager for improved security.
  • Public Access Disabled: RDS public access is now explicitly disabled, preventing exposure to the public internet.
  • S3 Access Logs: Enabled access logs for S3 Buckets to enhance security monitoring.
  • Security Compliance: Applied pdk-nag ensuring better security practices.
  • Athena WorkGroup Encryption: New athena.CfnWorkGroup now has encryption configuration set by default.
  • WebSocket Authentication: Changed authentication to occur at the start of session establishment to prevent unauthorized access.

#327 , #328 by @fsatsuki , @statefb

Contributors

Yukinobu-Mine, statefb, and fsatsuki
Assets 2
Loading