2.5.3

New features

• Adds support for hardware security integration. You can use a hardware security module (HSM) to securely store the device's private key and certificate.

Bug fixes and improvements:

• Fixes an issue with runtime exceptions while the nucleus establishes MQTT connections with AWS IoT Core.

2.5.2

Bug fixes and improvements

• Fixes an issue where after the Greengrass Nucleus updates, the Windows service fails to start again after you stop it or reboot the device.

2.5.1

Bug fixes and improvements

• Adds support for 32-bit versions of the Java Runtime Environment (JRE) on Windows.
• Changes thing group removal behavior for core devices whose AWS IoT policy doesn't grant the greengrass:ListThingGroupsForCoreDevice permission. With this version, the deployment continues, logs a warning, and doesn't remove components when you remove the core device from a thing group. For more information, see Deploy AWS IoT Greengrass components to devices.
• Fixes an issue with system environment variables that the Greengrass nucleus makes available to Greengrass component processes. You can now restart a component for it to use the latest system environment variables.

2.5.0

New features:

• Adds support for running Greengrass nucleus on Windows.
• Changes behavior for when the core device is removed from a thing group. Before, that thing group's components would remain on the device. Now, the Greengrass nucleus removes that thing group's components from the device in the next deployment. This change requires that the core device's AWS IoT policy grants the greengrass:ListThingGroupsForCoreDevice permission.
• Adds support for HTTPS proxy configurations
• Adds configuration 'httpClient' for SDK client socket and connection timeouts

Bug fixes and improvements:

• Fixes the bootstrap lifecycle option to restart the core device from a component.
• Adds support for hyphens in recipe variables.
• Fixes IPC authorization for on-demand Lambda functions.
• Improves log messages and changes non-critical logs from INFO to DEBUG level, so logs are more useful.
• Removes the iot:DescribeCertificate permission from the default token exchange role policy, because it isn't used.
• Fixes an issue so the automatic provisioning script doesn't require the iam:GetPolicy permission if iam:CreatePolicy is available.
• Additional minor fixes and improvements.

2.4.0

New features:

• Add ability to configure CPU and memory system resource limits for generic components. You can configure default limits, and you can configure limits for each component when you create a deployment.
• Add IPC operations that you can use to pause and and resume generic components.
• Add support for custom provisioning plugins that you can run during installation to provision a device and obtain a device identity (device certificate, private key and rootCA certificate).

Bug fixes and improvements:

• Update logging config on startup. This fixes an issue where the logging configuration wasn't applied on startup.
• Update nucleus loader symlink to the component store during installation, so you can delete nucleus artifacts that you downloaded to install the nucleus.
• Add an optional thing-policy-name argument for device provisioning, so you can specify an existing or custom IoT policy when you provision a core device.

2.3.0

New features:

• Adds support for deployment configuration documents up to 10 MB, up from 7 KB (for deployments that target things) or 31 KB (for deployments that target thing groups). To use this feature, a core device's AWS IoT policy must allow the greengrass:GetDeploymentConfiguration permission. If you used the AWS IoT Greengrass Core software installer to provision resources, your core device's AWS IoT policy allows greengrass:*, which includes this permission. For more information, see Device authentication and authorization for AWS IoT Greengrass.
• Adds the iot:thingName recipe variable. You can use this recipe variable to get the name of the core device's AWS IoT thing in a recipe. For more information, see Recipe variables.

2.2.0

New features:

• Add IPC operations for local shadow management.

Bug fixes and improvements:

• Reduce the size of the JAR file.
• Reduce memory usage.
• Fix issues where the log configuration wasn’t updated in certain cases.

Note: The source code for this version of the nucleus includes experimental Windows features that are under development and not ready for production use.

v2.1.0

New features:

• Support downloading Docker images from private repositories in Amazon ECR.
• Add the following parameters to customize the MQTT configuration on core devices:
  • maxInFlightPublishes – The maximum number of unacknowledged MQTT QoS 1 messages that can be in flight at the same time.
  • maxPublishRetry – The maximum number of times to retry a message that fails to publish.
• Add the fleetstatusservice configuration parameter to configure the interval at which the core device publishes device status to the AWS Cloud.

Bug fixes and improvements:

• Fix an issue that caused shadow deployments to be duplicated when the nucleus restarts.
• Fix an issue that caused the nucleus to crash when it encountered a service load exception.
• Improve component dependency resolution to fail a deployment that includes a circular dependency.
• Fix an issue that prevented a plugin component from being redeployed if that component had been previously removed from the core device.
• Fix an issue that caused the HOME environment variable to be set to the /greengrass/v2/work directory for Lambda components or for components that run as root. The HOME variable is now correctly set to the home directory for the user that runs the component.
• Additional minor fixes and improvements.

v2.0.5

v2.0.5

Bug fixes and improvements:

• Correctly route traffic through a configured network proxy when downloading AWS-provided components.
• Use the correct Greengrass data plane endpoint in AWS China Regions.

v2.0.4

Note to users:

• Automatic provisioning using --provision true now requires iam:GetPolicy and sts:GetCallerIdentity. See
  our documentation for the full updated set of minimum permissions.

New features:

• Enable HTTPS traffic over port 443. You use the new greengrassDataPlanePort configuration parameter for the nucleus component to configure HTTPS communication to travel over port 443 instead of the default port 8443. (#811)(328ad0a)
• Add the work path recipe variable. You can use this recipe variable to get the path to components' work folders, which you can use to share files between components and their dependencies. (0fa011b)

Bug fixes and improvements:

• Correctly handle the cancellation of a deployment that has not yet been registered successfully. (#799)(95ca6e2)
  closes #798
• Prevent the creation of the token exchange IAM role policy if a role policy already exists. (#805)(893a8e1)
  closes #802
• Update the configuration to remove older entries with newer timestamps when rolling back a deployment. (#824)(1a093bb)
• Additional fixes and improvements.