Releases: salesforce/cloudsplaining
Releases · salesforce/cloudsplaining
0.3.1 🌈
Changes
- Update Credentials Exposure actions, dependencies @kmcquade (#169)
- consider iam policy statement condition as a restricted action @schosterbarak (#167)
🐛 Bug Fixes
- expand only allowed actions (not deny actions) @schosterbarak (#166)
0.3.0 🌈
🐛 Bug Fixes
- Statement scanning performance improvements @verkaufer (#156)
- Update setup.py to include cached-property; Fix linting @kmcquade (#160)
0.2.5 🌈
Changes
- Add GitHub workflow to combine Dependabot PRs into a single one @kmcquade (#150)
- Add deeplinks to report findings (#133) @verkaufer (#151)
🚀 Features
📝 Documentation
0.2.4: Vue Router, Report improvements and fixes
Changes
- Add release drafter GitHub Action @kmcquade (#148)
- Fixing bug in scan-policy-file command @saikirankv (#143)
- add RoleLastUsed date @dgwhited (#140)
- Expand collapse approach changed @rohanshenoy96 (#138)
- remove click_log lib @reetasingh (#136)
- Fix logging @reetasingh (#135)
- Added inline explanations of findings @kmcquade (#132)
- udpate README.md badge link to test action @reetasingh (#127)
🚀 Features
- Implemented Vue router for navbar @rohanshenoy96 (#128)
🐛 Bug Fixes
- fix: User-Group relationships are now shown on IAM Principals page (#122) @verkaufer (#146)
📝 Documentation
0.2.3: New findings (Credentials Exposure, Service Wildcard) and --minimize option to shrink report size by ~3.7MB
- UI
- Credentials Exposure as a new finding (
#99) - Service Wildcard as a new finding (
#82) scancommand now has a--minimizeoption, which you can use to reduce your report size. The example report size was reduced from 3.9MB (ouch!) to 212KB. (Fixes #125)
- Credentials Exposure as a new finding (
- Backend
- Updated tests to include updated sample data
0.2.2: Bug fixes and exclusion improvements
- Excluded actions no longer show up in results (Fixes #106)
- Fixed issue where : policy would break results due to how the Service Wildcard finding was implemented (Fixes #109)
- Credentials Exposure and Service Wildcard now show up in the data file results. These will show up in the HTML Report in a future release
- Exclusions are now applied earlier in the scan to improve speed
- Vue components are cleaned up - less HTML, more config and JS
0.2.1: Fixes bug that included Inline Policies that should have been excluded from results
- Fixes issue where Inline Policies were showing up as findings even when they were attached to excluded IAM principals. Fixes #104
0.2.0: UI uplift and refactor
- Major UI uplift:
- Summary page: new Bar chart to summarize results
- Upgraded page: IAM Principals metadata
- New page: Inline Policies (separated from Customer policies)
- Many bug fixes that were present with the previous UI
- Backend
- Migration to Vue.js
- Leveraging an updated data JSON file
- New findings
0.1.8: Fix for scan-policy-file command; changed --input flag to --input-file
- UI: The Exclusions configuration was not showing up in the report due to a typo
- Changed
--inputflag to--input-filefor all commands - Fixed bug in scan-policy-file command (#79)
- Backend: Improved the JSON output a bit for the new principal policy mapping data file.
0.1.7: Minor text fixes; added backend classes and methods that do not affect functionality or report presentation
- UI: Fixed an issue where the Remediation guidance was not showing up in the resulting report. Fixes #70
- Triage Worksheet: Made the values under the Triage worksheet "Type" column more specific - i.e., AWS-Managed Policy, Customer-Managed Policy, Inline Group Policy, Inline User Policy, or Inline Role Policy. Before, it just said "group", "role", "user", or "Policy", which didn't help much.
- Added some backend methods that do not change the functionality. This will help with the eventual UI uplift (and helps with an additional side project)