15 August 2014
Highlights of this release:
Updates for this release:
Highlights
Shared AWS security credentials management
You can now manage AWS security credentials centrally by means of an integration with the Identity Federation for AWS (Bamboo) add-on:
- add long-term AWS security credentials (IAM users) once, configure AWS access for Atlassian groups with temporary credentials and fine grained permissions via IAM Policies thereafter (Identity Broker)
- grant easy access to AWS resources directly via menu links to the AWS Management Console (see the User's Guide for details)
- this can optionally include access to your elastic agents for administrators (or any other group with access to the resp. AWS Connector)
No Charge
Improved security of Inline credentials persistence
AWS security credentials of type Inline are now persisted through the Bamboo EncryptionService API on Save for new or existing tasks.
No Real Encryption
Please note that the Bamboo EncryptionService API naming is misleading for the time being - as properly phrased in the method summary of com.atlassian.bamboo.security.EncryptionServiceImpl, the decrypt()/encrypt()
methods just provide means to obfuscate sensitive data.
- Real encryption is available by using the integration with Identity Federation for AWS (Bamboo) instead.
No Automatic Migration
Existing task configurations are not upgraded automatically, you need to explicitly edit and save them once. Given most users want to upgrade to shared AWS credentials managed via Identity Federation for AWS instead, we felt this to be an acceptable compromise - please get in touch if your situation requires a different approach, we are willing to discuss this on a case by case base.
Support for Windows Server 2012 R2 and Server Core solution stacks in the AWS Elastic Beanstalk tasks
The available solution stacks have been updated to include the latest versions, notably including the recently introduced Windows Server 2012 R2 and Server Core stacks, see the resp. announcement and related posts:
Details
This release addresses the following issues:
- Stories
- TAWS-39 (UAA-5) - As a user, I want to manage AWS credentials centrally so that I do not need to enter them for every task
- Improvements
- TAWS-366 - Update available Elastic Beanstalk solution stacks (as per 20140806)
- TAWS-281 (UAA-5) - Adjust task credentials storage to facilitate Bamboo EncryptionService API
- Bugs
- TAWS-335 - Fix regressions on task execution on remote agents
- TAWS-298 - Verify add-on working after disable/enable cycle (own as well as IFAWS)
- TAWS-283 - Fix unhelpful error message 'Encountered internal plugin error'
Updates
Release 2.4.5
This release addresses the following issues:
- Improvements
- TAWS-45 - Add EC2 resource filter handling
- Bugs
- TAWS-389 - Fix lack of explanation/link below AWS Credentials Source widget
Release 2.4.4
This release addresses the following issues:
- Improvements
- TAWS-64 (UAA-27) - Add CloudFormation Stack create option to delete the stack on failure
- Bugs
- TAWS-416 - Fix Bamboo variable substitution for encrypted 'Inline' credentials
- Technical Debt
- TAWS-396 - Constrain ServiceProxyDestroyedException workaround to Bamboo <= 5.6.0 (see BAM-14801 for details)
Release 2.4.3
This release addresses the following issues:
- Bugs
- TAWS-398 (UAA-29) - Fix exception on Identity Federation for AWS credentials usage in automatically triggered deployment projects
Release 2.4.2
This release addresses the following issues:
- Improvements
- TAWS-362 (UAA-25) - Add CloudFormation Stack update action override to pass task if no updates are to be performed
Release 2.4.1
This release addresses the following issues:
- Improvements
- TAWS-371 - Update available Elastic Beanstalk solution stacks (as per 20140814)
- Bugs
- TAWS-372 - Fix 404 due to link targeting old IFAWS plugin key
- TAWS-369 - Fix typo in template examples inline dialog