Bearse 2.18.0 Release

version: 2.18.0-b94

Update Summary

• new IAM role for deploying s3 static websites
• increase cloudformation timeouts from 5 minutes to 20 minutes
• Update Guardian to 0.3.1
• Update Shelvery to 0.9.5

S3 Deployer Role

The new ciinabox-s3-deployer IAM role reduces the permissions scope when deploying static apps to s3 from ciinabox. The permissions are limited to the following actions and S3 buckets defined with the S3DeployerBuckets Bearse parameter.

Action:
  - s3:GetBucketAcl
  - s3:GetBucketLocation
  - s3:ListBucket
  - s3:DeleteObject
  - s3:GetObject
  - s3:GetObjectAcl
  - s3:PutObject
  - s3:PutObjectAcl

To enable the role update the Bearse parameter for each account with the buckets that apply to that account/. The parameter takes a comma delimited string of bucket names if you have multiple buckets in an account.

S3DeployerBuckets=dev.myapp.com,test.myapp.com

Guardian 0.3.1

Minor bug fixes for duplicate alarm generation and added ability to set the group name of an over-ridding group

Shelvery 0.9.5

This release of Shelvery improves encryption capabilities in the databunker account by allowing the re-encryption of snapshots copied into the databunker account with a new kms key and ability to encrypt unencrypted snapshots in the databunker account. See the Shelvery release with how to setup these new features with Bearse.