Releases: silinternational/serverless-mfa-api

log message for invalid API secret; increased log retention

03 Sep 02:35
544cec1

Added

  • If the API Secret is NOT valid, log its first and last few characters
    • This should help us confirm whether, for instance, an equals sign has been dropped from the end of the string.
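
One way to log a rejected API secret as described above without writing the whole value to the logs. This is an added example, not the project's own code: the function name `describeSecretForLog`, the `keep` parameter, the one-quarter disclosure limit and the sample secret are all assumptions made for illustration.

```javascript
// Added example (hypothetical helper, not code from serverless-mfa-api).

// Return a log-safe description of a rejected API secret: its length plus
// its first and last `keep` characters. The full value is never returned.
function describeSecretForLog(secret, keep = 3) {
  if (typeof secret !== 'string' || secret.length === 0) {
    return '(empty or non-string secret)';
  }
  // Reveal at most a quarter of the characters in total, so a short value
  // is not effectively disclosed; under 8 characters only the length is shown.
  const shown = Math.min(keep, Math.floor(secret.length / 8));
  if (shown === 0) {
    return `(${secret.length} chars, too short to show any)`;
  }
  // JSON.stringify escapes CR/LF and other control characters, so a
  // caller-supplied value cannot forge extra log lines.
  const head = JSON.stringify(secret.slice(0, shown));
  const tail = JSON.stringify(secret.slice(-shown));
  return `${head}...${tail} (${secret.length} chars)`;
}

// Constructed sample: base64 of 32 bytes is 44 characters ending in "=".
const sampleSecret =
  Buffer.from('CONSTRUCTED-SAMPLE-SECRET-000000').toString('base64');
// The same value as a client might send it after a trailing "=" was dropped.
const truncatedSecret = sampleSecret.slice(0, -1);

console.log('expected:', describeSecretForLog(sampleSecret));
console.log('received:', describeSecretForLog(truncatedSecret));
```

Comparing the two lines shows the missing padding through both the tail and the length, while most of the secret stays out of the log for the whole retention period.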

Changed

  • Increased log retention to 60 days (ITSE-999 Increase Cloudwatch Log retention)

Update a local development dependency (express)

09 Apr 19:13
3791399

Fixed

  • Update express dependency in response to a security advisory. See #149 for details.

Better failover CNAME DNS records

04 Aug 19:56
c37551e

Added

  • Add intermediate CNAMEs
    • Example of new DNS records:
      • "Public" CNAME: api.example.com -->
        • api-us-east-1.example.com (for primary region)
        • api-us-west-2.example.com (for secondary region)
      • "Intermediate" CNAME (primary): api-us-east-1.example.com --> d-abcde12345.execute-api.us-east-1.amazonaws.com
      • "Intermediate" CNAME (secondary): api-us-west-2.example.com --> d-zyxwv67890.execute-api.us-west-2.amazonaws.com
  • Add outputs:
    • primary_region_domain_name - The domain name to use (as the value of the "public" CNAME record) to use the primary region. Example: api-us-east-1.example.com
    • secondary_region_domain_name - The domain name to use (as the value of the "public" CNAME record) to use the secondary region. Example: api-us-west-2.example.com

Changed (non-breaking)

  • Rename some internal modules to better align with their purpose:
    • fail-over-cname --> fail-over-cnames
    • custom_domains --> api_gateway_domains_and_certs
  • Rename some other resources to differentiate between public (main) CNAME, intermediate CNAME, and AWS API Gateway domain names.

Fixed

  • Wait for certificate to be issued before trying to use it

Note: If desired, you can use terraform state mv to reduce the amount of deletion-and-recreation that the module-renames and resource-renames will cause (if that matters to you).

Example (assuming your use of this module is named "dns_for_failover"):

terraform state mv module.dns_for_failover.module.fail_over_cname module.dns_for_failover.module.fail_over_cnames
terraform state mv module.dns_for_failover.module.custom_domains module.dns_for_failover.module.api_gateway_domains_and_certs

Fully multi-region (Lambdas, DynamoDB Global Tables, DNS records for easy failover)

04 Aug 19:45
b574d68

Changed (BREAKING)

  • Manage DynamoDB resources via terraform, not serverless
  • Replace hyphens with underscores in output names
  • Switch to using the GlobalTable for api-keys
  • Switch to using the GlobalTable for totp records
  • Switch to using the GlobalTable for u2f records (irrelevant)
    • Note: This particular change doesn't matter because it's the serverless-mfa-api-go code that handles U2F and WebAuthn now.

Added

  • Also deploy Lambdas to secondary region
  • Add multi-region custom domain name (for easier failover)

Fixed

  • Improve documentation about Point-in-Time Recovery limitation

Create totp and u2f(/webauthn) Global Tables

04 Aug 19:41
b6d2b1f

Added

  • Add new Global Table for TOTP data
    • Not in use yet. Will migrate data to it after this release, and do a subsequent release to start using this table.
  • Add new Global Table for U2F(/WebAuthn) data
    • Not in use yet. Will migrate data to it after this release, and do a subsequent release to start using this table.

Changed (non-breaking)

  • Extract DynamoDB Table Tags to custom value for reuse
  • Extract function tags to custom value for reuse
  • Extract GlobalTable Replicas to custom value for reuse

Start converting to Global Tables (beginning with api_keys)

04 Aug 19:41
09dd725

Added

  • Add new Global Table for API Keys (with replica region defaulting to us-west-2)

Fixed

  • Allow the functions to access the DynamoDB tables in any region
  • Add the necessary permissions for creating a Global Table
    • NOTE: You will have to run a terraform plan/apply to grant the necessary AWS permissions before the Serverless deploy command will succeed.

Fix `extra_policies` data type

22 May 18:32
5c220d0

Fixed

  • Encode extra_policies array entry as a JSON string

Add tags to serverless-managed resources

18 May 20:43
f266dd6

Fixed

  • Add tags to serverless-managed resources
  • Add additional IAM permission (via terraform) that serverless now needs in order to do deployments

Add AWS tags

18 May 20:42
24aa507
2.3.8

Version upgrades

19 Apr 15:00
cf9c82e

Fixed

  • Bump Node version to 18
  • Specify serverless version as 3.25
  • Update node dependencies
  • Stopped excluding the aws-sdk package, since it's not included in the AWS environment by default anymore.