Bearse 2.23.0 Release

version: 2.23.0-b105

Update Summary

• ciinabox-v2 role permissions to deploy cloudformation to regions other than the bearse region
• conditional cloudtrail cloudwatch loggroup
• improve the secuirty of S3 buckets created by bearse
• archiving s3 cloud trail logs into glacier after 90 days

Conditional Cloudtrail Cloudwatch Loggroup

Cloudtrail has the ability to send logs directly to cloudwatch logs for quick and easy log search. If this is a feature required by a customer it can be enabled by updating the CloudtrailLogGroup=true bearse parameter.

S3 Bucket Security Improvements

With this release of bearse we’ve enabled bucket versioning and enabled public access blocking on guardian, cloudtrail log and cloudtrail access logs buckets. Server side AES encryption has also been enabled on the guardian s3 bucket. This will help with customers who have to ahear to specific complience frameworks.