Release v1.3.9

Important

• Upgrades to the v1.5.x release require customers first upgrade to v1.3.8 or higher
• This release is no longer installable by customers based on changes to IAM role trust policy behavior, to tagging behavior (#1085), and due to the deprecation of Python 3.6
• Existing customers will likely no longer be able to upgrade to this release based on changes to tagging behavior (#1085) and the deprecation of Python 3.6
• Existing customers will no longer be able to upgrade to this release based on changes to tagging behavior (#1085) without manual intervention
• Existing customers can continue to upgrade to this release until Feb 14, 2023 Nov 14, 2022
  - As this release is based entirely on Node.js 12, upgrades to this release are NOT possible after Nov 14, 2022
• All Accelerator releases prior to v1.5.0 will cease to function on Feb 14, 2023 Nov 14, 2022 when Node.js 12 is deprecated and role policy allow-listing expires

NOTE: Before attempting to upgrade to this release, the config file has several Python 3.6 config rules defined. The upgrade will fail, if these are not FIRST updated to deploy using Python 3.7 in the customer config file (no code changes required).

Enhancements

• Enable static IP assignment for private ENIs on Fortinet firewalls (also in fix/v1.3.8-a) (#796)
• Add s3:ListBucket permission to log archive read only role enabling Athena (#799)

Fixes

• Adjust R53 zone names for interface endpoint names with periods (i.e. ECR)(#810)
• Various logging, scaling and retry enhancements (#807, #813, #815, #816, #817, #819, #818)
• Update SCP's to fix CloudFront console and customer CDK S3 issue (#801, #803)

Config file changes

• Fix UltraLite config file (us-east-1 is reqyuired as a supported-region (RECOMMENDED)(#808)
• Update Fortinet AMI's to v6.4.7 (NEW INSTALLS ONLY)(#820)