The Utoolity team is pleased to present Identity Federation for AWS 2.7 – this release continues our journey towards increased usability and easier onboarding. It adds explicit handling of the non standard AWS partitions AWS China and AWS GovCloud (US), and updates the provided CloudFormation templates to ease provisioning of AWS resources. You can now opt in to and out of non standard AWS partitions, and you can provision AWS resources with CloudFormation templates using improvements like YAML format and simplified string substitution.
Opt in to and out of non standard AWS partitions (experimental)
The non standard AWS regions China (Beijing) and AWS GovCloud (US) have been enabled for use already. However, due to not being based in either China or the US, we are not in a position to test this add-on with those regions directly. Thanks to feedback from users with access to those regions we have identified some resulting inconsistencies and bugs, which have been addressed by being more explicit about the underlying AWS partition concept (see the info box below for some background) – here is what you need to know about this change:
- Non standard AWS partitions and their regions are now disabled by default and must explicitly be opted into as outlined in
Enabling Labs Features.
- If you have been using the China (Beijing) region before, you need to opt-in again as outlined in Support for the AWS China partition – existing tasks are not affected at runtime, however, the China (Beijing) region is not offered in the region widget anymore by default.
- Once enabled, you need to specify the appropriate partition when
Configuring an AWS Access Key so that the add-on can use the partition specific AWS endpoints at runtime.
- Since most AWS users won't have access to non standard AWS regions, the Partition option is hidden until any non standard AWS partition is enabled.
- The AWS partition is now surfaced as a new partition field in the REST API.
Provision AWS resources with CloudFormation templates
We have added a set of CloudFormation templates to ease provisioning AWS resources in release 2.6.0. Since then, CloudFormation has gained two notable usability improvements by supporting templates in YAML format and simplified string substitution, and we have now updated the available templates accordingly:
- Identity Federation for AWS (Core) – These resources are semantically required and we recommend to provision a dedicated IAM role indeed.
- Identity Federation for AWS (Quickstart) – These resources aim to get you started quickly by covering the basic use cases
For more details about this release, please refer to the Identity Federation for AWS 2.7 Release Notes.