September 21, 2021, Conformity—The following features and updates were released to Conformity on 21st September 2021.
Terraform Template Scanner Update
Template Scanner now supports scanning AWS RDS DB Cluster resources for Terraform templates.
Bug Fixes
  • Fixed a bug to enable Template Scanner to resolve nested intrinsic functions within Fn-Sub maps on CloudFormation templates.
  • Fixed a bug where the rule DynamoDB-001: Unused table was being displayed in the Template Scanner results.
  • Fixed a bug where settings for a newly configured communication channel were not being reflected in the account settings UI.
  • Fixed a bug where users were being logged out of Conformity after clicking on a profile deleted via the API.
  • Fixed a bug where users weren't able to scroll back up the Main Dashboard after navigating away from provider-specific account settings, for example, AWS RTM settings, Azure access settings, etc.
  • Fixed a bug where deleting a CQL query and going back to ‘Simple filters’ did not reset the filters.
  • Fixed a bug for the `Get Excluded Resources` API endpoint to return accurate results for regions `ap-southeast-2` and `eu-west-1`.
Conformity Bot Updates
We added support for AWS API Gateway REST API tags to Conformity Bot so that rules like AG-005 (API Gateway Private Endpoint) can now support exceptions based on tags.
Custom Policy Updates
New Rule
AWS
  • IAM-071: Receive Permissions via IAM Groups Only: This rule ensures that your Amazon IAM users can receive permissions only through IAM groups to follow the Principle of Least Privilege (POLP), allowing you to manage user-based access to your AWS resources efficiently.
Rule Update
  • RG-001: Tags: ResourceGroup Tags now supports API Gateways - REST API and Stages. To enable these resources, please update and save your rule settings.
Rule Bug Fix
  • ELBV2-006: ELBv2 ALB Security Group: Improved this rule to smoothly handle API throttling and prevent the generation of false positives as a result.