Identity Federation for AWS 2.7 Release Notes
18 April 2017
The Utoolity team is pleased to present Identity Federation for AWS 2.7 – this release continues our journey towards increased usability and easier onboarding. It adds explicit handling of the non standard AWS partitions AWS China and AWS GovCloud (US), and updates the provided CloudFormation templates to ease provisioning of AWS resources.
You can now opt in to and out of non standard AWS partitions, and you can provision AWS resources with CloudFormation templates using improvements like YAML format and simplified string substitution.
If you are using Bamboo remote agents, please review the Identity Federation for AWS 2.7 Upgrade Notes for important information about this release.
Learn more and try it for free in:
On this page:
Highlights
Opt in to and out of non standard AWS partitions (experimental)
The non standard AWS regions China (Beijing) and AWS GovCloud (US) have been enabled for use already. However, due to not being based in either China or the US, we are not in a position to test this add-on with those regions directly. Thanks to feedback from users with access to those regions we have identified some resulting inconsistencies and bugs, which have been addressed by being more explicit about the underlying AWS partition concept (see the info box below for some background) – here is what you need to know about this change:
Non standard AWS partitions and their regions are now disabled by default and must explicitly be opted into as outlined in Enabling Labs Features.
If you have been using the China (Beijing) region before, you need to opt-in again as outlined in Support for the AWS China partition – existing tasks are not affected at runtime, however, the China (Beijing) region is not offered in the region widget anymore by default.Once enabled, you need to specify the appropriate partition when Configuring an AWS Access Key so that the add-on can use the partition specific AWS endpoints at runtime.
Since most AWS users won't have access to non standard AWS regions, the Partition option is hidden until any non standard AWS partition is enabled.The AWS partition is now surfaced as a new
partition
field in the REST API.
What is an AWS partition?
The AWS partition concept pretty much lacks documentation so far and is only mentioned in passing here and there, most notably within Amazon Resource Names (ARNs) and AWS Service Namespaces:
partition
– The partition that the resource is in. For standard AWS regions, the partition is aws
. If you have resources in other partitions, the partition is aws-partitionname
. For example, the partition for resources in the China (Beijing) region is aws-cn
.
Provision AWS resources with CloudFormation templates
We have added a set of CloudFormation templates to ease provisioning AWS resources in release 2.6.0. Since then, CloudFormation has gained two notable usability improvements by supporting templates in YAML format and simplified string substitution, and we have now updated the available templates accordingly:
Identity Federation for AWS (Core) – These resources are semantically required and we recommend to provision a dedicated IAM role indeed.
Identity Federation for AWS (Quickstart) – These resources aim to get you started quickly by covering the basic use cases
Resolved issues
Release 2.7.2
2017-11-09
This release addresses the following issues:
Core:
Improvements
IFAWS-705 – Add 'Manage AWS Connectors' entry to 'AWS Resources' page
IFAWS-815 – Integrate updated app logos/banners
IFAWS-821 – Add option to disable implicit connector visibility for administrators
Bamboo
Improvements
IFAWS-723 – Add connector ID to AWS Credentials Variables task result
IFAWS-811 – Surface support for additional ECR region ap-northeast-2
IFAWS-854 – Surface support for additional ECR region cn-north-1
Release 2.7.1
2017-05-09
This release addresses the following issues:
Bamboo
Bugs
IFAWS-682 – Fix connector variable name being logged as null
IFAWS-691 (UAA-258) – Fix NullPointerException for validation errors on task edit in Bamboo 6.0.0
Release 2.7.0
2017-04-18
This release addresses the following issues:
Core
Stories
IFAWS-678 – As a developer, I want to to retrieve a connector's AWS partition via REST so that I can use non standard AWS regions
Improvements
IFAWS-665 – Update CloudFormation templates regarding upstream improvements (YAML etc.)
Bugs
IFAWS-659 – Fix getCallerIdentity() and credentials validation handling with cn-north-1/us-gov-west-1
IFAWS-667 (UAA-248) – Fix session credentials handling with cn-north-1
Bamboo
Improvements
IFAWS-666 (UAA-246) – Log connector ID when using Identity Federation for AWS credentials
Tasks
IFAWS-571 – Drop support for Bamboo 5.8
JIRA
Tasks
FAWS-566 – Drop support for JIRA 6.4
Amazon Web Services™, AWS™ and the “Powered by Amazon Web Services” logo are trademarks of Amazon.com, Inc. or its affiliates in the United States and/or other countries.
Utoolity® is a registered trademark of Utoolity GmbH.
© 2024 Utoolity GmbH. All rights reserved.