Releases: aws-samples/aws-identitycenter-codepipeline-auto-assignment

3.0.0

11 Jan 02:52
0c71e21

What's New

v3.0.0 by @ashmeetp in #17

  • Auto generation of permission sets and mapping files
  • Migration from a Lambda-based solution to a CodeBuild project for improved timeout and memory limits
  • Support for account names and OU names in target mappings
  • Support for permission boundaries, both customer managed and AWS managed policies
  • Syntax validation for permission sets and mapping files - Initial recommendation and implementation by @lowpast #16
  • Implemented CodePipeline V2
  • Added support for CodeStar connections for external Git providers, in addition to AWS CodeCommit

Full Changelog: 2.1.0...3.0.0


3.0.0

  • Fixed issues with whitespace handling in permission set and group names.
  • Corrected validation logic for various fields in permission sets and mapping files.
  • Addressed potential race conditions in account assignment operations.
  • Fixed the timeout issue in automation.
  • Updated the Lambda runtime to the latest python3.12 in delegated-admin.py
  • Updated pipeline stage names to better reflect their purpose.

Feel free to refer to the CHANGELOG for more details.

Update API, bug fixes to paginated response and validation

15 Apr 13:56
2c648a0

What's Changed

Full Changelog: 2.0.0...2.1.0


2.1.0

  • Bug fix: Added the missing InstanceArn=ic_instance_arn to allow proper functioning of list_accounts_for_provisioned_permission_set API for more than 100 items in response.
  • Bug fix: S3 Object versions are now referenced in the Lambda configuration to allow subsequent updates to lambda package code.
  • Updated the list_groups API call to the get_group_id API and removed the use of the deprecated filter method to obtain the group ID by name in auto-assignment.py.
  • Updated the Lambda runtime to the latest python3.12.
  • Updated the SNS subscription protocol to email in identity-center-automation.template so that notifications are sent as formatted, more readable JSON messages.
  • Updated the Identity Center automation pipeline to the recommended event-driven pipeline.
  • Updated pipeline stage names to better reflect their purpose.

Feel free to refer to the CHANGELOG for more details.

Support delegated administration and AWS Control Tower enabled accounts

08 Mar 16:37
0d9b341

A big shout out to Ashmeet for his contributions to the repository in this release!

New Feature

  • Updated identity-center-stacks-parameters.json to get additional parameters from users to support delegated administration for Identity Center and AWS Control Tower enabled accounts.
  • Updated codepipeline-stack.template to support delegated administration for Identity Center and AWS Control Tower enabled accounts.
  • Added IC-Delegate-Admin.yml to allow delegating administration for IAM Identity Center to an Organization member account.
  • Updated architecture_diagram.png to reflect new features in the architecture diagram.
  • Updated identity-center-automation.template to support delegated administration for Identity Center and AWS Control Tower enabled accounts.
  • Updated identity-center-s3-bucket.template to support delegated administration for Identity Center and AWS Control Tower enabled accounts.
  • Updated buildspec-param.yml to support delegated administration for Identity Center and AWS Control Tower enabled accounts.
  • Updated auto-assignment.py to support delegated administration for Identity Center and AWS Control Tower enabled accounts.
  • Updated auto-permissionsets.py to support delegated administration for Identity Center and AWS Control Tower enabled accounts.

Feel free to refer to the CHANGELOG for more details.

1.1.0

29 Nov 00:52

1.1.0

  • Updated auto-permissionsets.py file to support customer managed policy in permission set.
    • Updated the permission set example 5-example-sec-readonly.json.
  • Updated auto-permissionsets.py and identity-center-automation.template to support custom permission set session duration.
    • Default session duration is set to 1 hour.
    • Updated the permission set example 1-example-admin.json.

1.0.0

18 Aug 22:13
e41e5a5
  • Initial release after service rebranding.