Skip to content

v2.6.4
Compare
Choose a tag to compare
@andrecorreaneto andrecorreaneto released this 18 Sep 18:01
· 267 commits to main since this release
v2.6.4
26aa216
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

September 18, 2023 Release Notes - 2.6.4

  1. CIS Compliance Script Adds Identity Domains
  2. Updates to the CIS Compliance Script
  3. Workload Expansion Terraform for Quick Start

CIS Compliance Script Adds Identity Domains

CIS compliance checking scripts adds collection of Identity Domains password policy. This allows the compliance checking script to access CIS recommendation 1.5 Ensure IAM password policy expires passwords within 365 days and recommendation 1.6 Ensure IAM password policy prevents password reuse.

Updates to the CIS Compliance Script

  • Updates:
    • Improved navigation for CIS Summary Report HTML
    • Added error_report.csv for errors when collection OCI resources
  • Fixes:
    • Improved OCI logging error handling
    • Fixed compliance for Storage Admin policies for CIS recommendation 1.14 Ensure storage service-level admins cannot delete resources they manage

Workload Expansion Terraform for Quick Start

The terraform code in this folder expands an existing CIS Landing Zone deployment. It does this by adding one or more workload compartment(s) in the AppDev compartment and, optionally, the associated OCI IAM groups, dynamic groups, and OCI IAM policies to manage OCI resources in the workload compartment. For more information please see the readme.md

Assets 2
Loading