The Cloud Migration Factory on AWS solution is designed to coordinate and automate manual processes for large-scale migrations. This solution helps enterprises improve performance and prevents long cutover windows by providing an orchestration platform for migrating workloads to AWS at scale.
JWT VALIDATION: Replaced of python-jose with PyJWT to resolve CVE https://nvd.nist.gov/vuln/detail/CVE-2024-23342 which is caused by a dependency on the vulnerable python-ecdsa module. All JWT verification is now performed using PyJWT.
MGN TARGET IAM ROLE: Restricted inline policy for MGN Role in target accounts to not allow iam:PassRole and sts:AssumeRole on all resources. This is now restricted to PassRole for the MGN service to EC2 service only.
Changed
MIGRATION TRACKER: Updated deployment to use Glue v4.0 as Glue v2.0 has now been removed from support. Existing deployments will need to be updated before January, 31 2024 with this version, or a manual update of glue jobs is required.
MGN AGENT INSTALL: Removed default creation of IAMUser from target account CFT and updated installation scripts to use temporary credentials by default, with the option of allowing a secret to be used to supply IAMUser credentials if required.
CODE QUALITY: Increased unit test coverage, and refactored code base.
AWS LAMBDA: Runtimes moved to Python version 3.11 for all functions.
Fixed
SUBMIT JOB UI: Resolved issue with changing scripts after inputting attribute values, this caused any previous values to be sent to the newly created job.
Added
AUTOMATION: Tools API ID is now exposed to automation scripts, allowing calls to the tools api from a script.
Security
Changed
Fixed
Added