Commit Graph

63 Commits

Author SHA1 Message Date
Luke Heath
7b91434452
Updating changelog for 4.48.0 (#18014) 2024-04-02 15:38:42 -05:00
George Karr
f2b3a58bff
Updating changelog for 4.47.3 (#17871) 2024-03-27 10:41:51 -05:00
Sharon Katz
b44848eeba
Updating changelog for 4.47.2 (#17804) 2024-03-26 09:18:34 -05:00
Benjamin Edwards
1d736d82df
update default in both places (#17741) 2024-03-20 15:28:49 -04:00
Benjamin Edwards
c0a7725988
fix typo in default maintance window (#17740)
should have been `thu` rather than `thurs`
2024-03-20 15:12:31 -04:00
Benjamin Edwards
7d156597d9
rds module maintenance window (#17739)
📝 docs(README.md): update alb_config and fleet_config tables to reflect
new changes
🔧 fix(main.tf): add preferred_maintenance_window to rds module to allow
for scheduled maintenance
🔧 fix(variables.tf): add preferred_maintenance_window to rds_config
variable to allow for scheduled maintenance
🔧 fix(README.md): update fleet_config image version to v4.47.1 for
latest features and bug fixes
2024-03-20 15:00:39 -04:00
George Karr
c6d5151198
Updating changelog for 4.47.1 (#17689) 2024-03-19 09:47:00 -05:00
Luke Heath
88d41915eb
Prepare Fleet v4.47.0 (#17581) 2024-03-12 17:45:26 -05:00
George Karr
33bb67b7af
update changelog 4.46.2 (#17337)
- Updating changelog for 4.46.2
2024-03-06 15:41:55 -06:00
Sharon Katz
07511dc19c
4.46.1 changes (changelog, version numbers) (#17293) 2024-03-01 11:30:26 -05:00
Luke Heath
7361f4d8d5
Prepare v4.45.0 (#17005) 2024-02-21 11:32:22 -06:00
George Karr
aac971145f
Update Versions for 4.44.1 (#16722) 2024-02-12 16:20:07 -06:00
Benjamin Edwards
9ba0dafa94
vuln processing as distinct service (#16544)
create a distinct service to managed vulnerability processing
2024-02-09 13:58:28 -05:00
Luke Heath
668fe41611
Prepare v4.44.0 (#16486) 2024-01-31 16:11:22 -06:00
Luke Heath
bcc1799e07
Prepare v4.43.3 (#16297) 2024-01-23 17:15:19 -06:00
Luke Heath
0430738030
Prepare v4.43.2 (#16261) 2024-01-22 15:55:43 -06:00
George Karr
48ef8f3933
Prepare new patch version 4.43.1 (#16087) 2024-01-12 16:54:42 -06:00
Luke Heath
502a811ce9
Prepare v4.43.0 (#15972) 2024-01-09 16:45:22 -06:00
Robert Fairburn
6c84209b73
Update migrations to scale down services before migrating (#15908) 2024-01-04 14:33:35 -06:00
Luke Heath
f5af49f766
Prepare v4.42.0 (#15812) 2023-12-21 15:30:40 -06:00
Luke Heath
3dc40d667e
Prepare v4.41.1 (#15500) 2023-12-07 16:06:17 -06:00
Luke Heath
f6cb052e7a
Prepare v4.41.0 (#15350) 2023-11-28 19:18:05 -06:00
Robert Fairburn
695ad26cb7
Allow Fleet terraform modules to configure lb timeouts (#15237) 2023-11-22 11:11:18 -06:00
Robert Fairburn
7b1ea9cdf1
Terraform aws provider v5 fixes for terraform modules (#15159) 2023-11-15 23:50:38 -06:00
Luke Heath
8dbe690026
Prepare v4.40.0 (#14940) 2023-11-06 16:49:21 -06:00
Benjamin Edwards
7e85292d67
introduce variables to restrict ipv6 access by cidr block for alb config (#14836)
# Checklist for submitter
- [X] Documented any API changes (docs/REST API/rest-api.md or
docs/Contributing/API-for-contributors.md)
- [X] Manual QA for all new/changed functionality
2023-10-31 15:21:22 -04:00
Benjamin Edwards
d76c9bf3c9
terraform module -- replace redis cidr (#14768)
🔧 refactor(byo-vpc/main.tf): replace hardcoded cidr_blocks value with
dynamic data from aws_subnet.redis to ensure the CIDR blocks are always
up-to-date and accurate
2023-10-30 16:27:14 -04:00
Luke Heath
653aeceb06
Prepare v4.39.0 (#14647) 2023-10-26 15:07:58 -05:00
Roberto Dip
6702e3ddb8
prepare v4.38.1 (#14303) 2023-10-05 11:13:24 -05:00
Robert Fairburn
0f4e24a40a
Initial saml-auth-proxy code. (#14017) 2023-09-28 12:48:57 -05:00
Luke Heath
6807cfe897
Prepare v4.38.0 (#14123) 2023-09-25 16:43:52 -05:00
Luke Heath
a745c3a8a8
Prepare Fleet v4.37.0 (#13821) 2023-09-08 13:35:44 -05:00
Robert Fairburn
4017696ed6
terraform module examples to use example.com per style guide (#13709) 2023-09-05 11:18:44 -05:00
Robert Fairburn
1d0aa1f318
terraform module: some fixes for byo-vpc and below (#13553)
# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)
- [ ] Documented any permissions changes (docs/Using
Fleet/manage-access.md)
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] Manual QA for all new/changed functionality
  - For Orbit and Fleet Desktop changes:
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
2023-09-01 16:06:45 -05:00
Zachary Winnerman
004cc0d3cd
Add external vuln scans addon (#13206)
# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)
- [ ] Documented any permissions changes
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] Manual QA for all new/changed functionality
  - For Orbit and Fleet Desktop changes:
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
2023-08-08 14:38:20 -04:00
Zachary Winnerman
ac797c8f81
Fix variable consistency for optional in fleet_config (#12874)
# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)
- [ ] Documented any permissions changes
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] Manual QA for all new/changed functionality
  - For Orbit and Fleet Desktop changes:
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
2023-07-20 14:33:15 -04:00
Benjamin Edwards
97a705af5d
fleet tf module config (#12304) 2023-06-22 21:06:59 -04:00
Benjamin Edwards
052dcb7b50
update deploying on terraform guide to be module based, update terraf… (#11847) 2023-05-30 20:11:06 -04:00
Zachary Winnerman
3a43c1ebc2
Add waf to dogfood (#11541)
# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)
- [ ] Documented any permissions changes
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] Manual QA for all new/changed functionality
  - For Orbit and Fleet Desktop changes:
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).

Closes #10716
2023-05-05 12:06:16 -04:00
Robert Fairburn
9c8797eef2
Terraform module to use mysql reader endpoint by default (#11315) 2023-04-25 12:47:42 -05:00
Zach Wasserman
70a429327f
Use proper name for ALB policy (#10889)
Fixes issue from #10887.
2023-03-30 11:15:30 -07:00
Zach Wasserman
24533da337
Require TLS 1.2 in Terraform ALB listener (#10887)
This should fix tfsec
https://aquasecurity.github.io/tfsec/v1.0.8/checks/aws/elb/use-secure-tls-policy/
by configuring
https://registry.terraform.io/modules/terraform-aws-modules/alb/aws/6.4.0#input_listener_ssl_policy_default.
2023-03-30 10:52:42 -07:00
Benjamin Edwards
4161ee5679
create vuln processing addon (#10526)
two things here:

1. create addon for use in new modular terraform
2. create vuln processing terraform for legacy terraform, but by default
its disabled
2023-03-29 08:57:10 -04:00
Zachary Winnerman
e78554540f
Add ability to tag data containing resources (#10534)
# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)
- [ ] Documented any permissions changes
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] Manual QA for all new/changed functionality
  - For Orbit and Fleet Desktop changes:
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
2023-03-16 14:10:42 -04:00
Robert Fairburn
989e0f7121
Add rds_parameters to tf module for dogfood to apply sort_buffer_size (#10528) 2023-03-16 00:31:12 -05:00
Zachary Winnerman
2933a7bdaa
Add ability to use sidecars (#10287)
# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)
- [ ] Documented any permissions changes
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] Manual QA for all new/changed functionality
  - For Orbit and Fleet Desktop changes:
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
2023-03-03 13:50:48 -05:00
Zachary Winnerman
714a628908
Update readmes (#10214)
# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)
- [ ] Documented any permissions changes
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] Manual QA for all new/changed functionality
  - For Orbit and Fleet Desktop changes:
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
2023-03-01 11:07:46 -05:00
Zachary Winnerman
eff94f917a
Alb cidr list (#10184)
# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)
- [ ] Documented any permissions changes
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] Manual QA for all new/changed functionality
  - For Orbit and Fleet Desktop changes:
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
2023-02-28 14:37:53 -05:00
Zachary Winnerman
889247eeb3
Allow ALB Cidrs to be passed into the module (#10179)
# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)
- [ ] Documented any permissions changes
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] Manual QA for all new/changed functionality
  - For Orbit and Fleet Desktop changes:
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
2023-02-28 14:02:12 -05:00
Robert Fairburn
de888d3cb3
Initial Terraform ALB Loggin Module (#10010) 2023-02-22 10:07:12 -06:00