Skip to content

Commit 93021cd

Browse files
boueyaboueya
authored
Merge branch 'aws-samples:main' into ebs_sts_regional_endpoint
2 parents 4c0947d + de490b9 commit 93021cd

File tree

43 files changed

+8396
-57
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

43 files changed

+8396
-57
lines changed

CHANGELOG.md

Lines changed: 19 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -57,6 +57,25 @@
5757
All notable changes to this project will be documented in this file.
5858

5959
---
60+
61+
## 2025-02-04
62+
63+
### Added<!-- omit in toc -->
64+
65+
- Added [Bedrock](aws_sra_examples/solutions/genai/bedrock_org) solution to deploy the sra-bedrock-org solution for GenAI deep-dive Bedrock capability one security controls. See https://github.com/aws-samples/aws-security-reference-architecture-examples (sra-1u3sd7f8n)
66+
67+
## 2025-01-21
68+
69+
### Updated<!-- omit in toc -->
70+
71+
- Updated [Config Management Account](aws_sra_examples/solutions/config/config_management_account) solution to use service-linked role for AWS Config.
72+
73+
## 2025-01-08
74+
75+
### Updated<!-- omit in toc -->
76+
77+
- Updated [Common Prerequisites](aws_sra_examples/solutions/common/common_prerequisites) staging util script to fix lambda layer deploy when using solution_directory.
78+
6079
## 2024-09-18
6180

6281
### Added<!-- omit in toc -->

README.md

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -140,6 +140,7 @@ Please follow the instructions for SRA Terraform deployments in the [SRA Terrafo
140140
| :---------------------------------------------------------------------------------------------------- | :------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | :----------------------------------------------------------------------------------------------------------- | :-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
141141
| [Account Alternate Contacts](aws_sra_examples/solutions/account/account_alternate_contacts) | Sets the billing, operations, and security alternate contacts for all accounts within the organization. | | |
142142
| [AMI Bakery](aws_sra_examples/solutions/ami_bakery/ami_bakery_org) | Creates and configures an AMI image management pipeline. | | |
143+
| [Bedrock](aws_sra_examples/solutions/genai/bedrock_org) | Enables and configures security controls for Bedrock GenAI deep-dive capability one. | | |
143144
| [CloudTrail](aws_sra_examples/solutions/cloudtrail/cloudtrail_org) | Organization trail with defaults set to configure data events (e.g. S3 and Lambda) to avoid duplicating the Control Tower configured CloudTrail. Options for configuring management events. | CloudTrail enabled in each account with management events only. | |
144145
| [Config Management Account](aws_sra_examples/solutions/config/config_management_account) | Enables AWS Config in the Management account to allow resource compliance monitoring. | Configures AWS Config in all accounts except for the Management account in each governed region. | <ul><li>AWS Control Tower</li></ul> |
145146
| [Config Organization Aggregator](aws_sra_examples/solutions/config/config_aggregator_org) | **Not required for most Control Tower environments.** Deploy an Organization Config Aggregator to a delegated admin other than the Audit account. | Organization Config Aggregator in the Management account and Account Config Aggregator in the Audit account. | <ul><li>AWS Control Tower</li><li>[Common Register Delegated Administrator](aws_sra_examples/solutions/common/common_register_delegated_administrator)</li></ul> |

aws_sra_examples/solutions/ami_bakery/ami_bakery_org/lambda/src/codepipeline.py

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -90,7 +90,7 @@ def create_codepipeline(
9090
"roleArn": "arn:" + aws_partition + ":iam::" + account_id + ":role/" + codepipeline_role_name,
9191
"artifactStore": {"type": "S3", "location": bucket_name},
9292
"stages": [
93-
{ # type: ignore
93+
{
9494
"name": pipeline_name + "-CodeCommitSource",
9595
"actions": [
9696
{
@@ -104,7 +104,7 @@ def create_codepipeline(
104104
}
105105
],
106106
},
107-
{ # type: ignore
107+
{
108108
"name": pipeline_name + "-DeployEC2ImageBuilder",
109109
"actions": [
110110
{

aws_sra_examples/solutions/config/config_org/lambda/src/config.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -92,7 +92,7 @@ def set_config_in_org(
9292
configuration_recorder: ConfigurationRecorderTypeDef = {
9393
"name": recorder_name,
9494
"roleARN": role_arn,
95-
"recordingGroup": { # type: ignore
95+
"recordingGroup": {
9696
"allSupported": all_supported,
9797
"includeGlobalResourceTypes": include_global_resource_types,
9898
"resourceTypes": resource_types,

0 commit comments

Comments
 (0)