Releases: aws-solutions/instance-scheduler-on-aws
Releases · aws-solutions/instance-scheduler-on-aws
v3.0.9
[3.0.9] -- 2025-4-10
Security
- Upgrade Jinja2 to mitigate CVE-2025-27516
- Upgrade aws-cdk to mitigate CVE-2025-2598
- Upgrade esbuild to mitigate GHSA-67mh-4wv8-2f99
- Upgrade OpenSSL to mitigate CVE-2024-12797
Changed
- Reintroduced --use-maintenance-window flag for schedules. The flag will be enabled by default but can be set to false
to disable RDS preferred maintenance windows and EC2 maintenance windows
v3.0.8
[3.0.8] -- 2025-1-31
Updated
- Upgrade AWS Powertools from V2 to V3
Security
- Upgrade jinja to mitigate CVE-2024-56201 and CVE-2024-56326
v3.0.7
v3.0.6
[3.0.6] -- 2024-11-7
Changed
- RDS instances will now be automatically started 10 minutes prior to their preferred maintenance windows
Fixed
- Clamped role session name to 64 characters to fix scenario where longer
namespaces could cause runtime errors during sts assume - Fixed long-term retry logic for EC2/RDS scheduling.
EC2 and RDS will now retry start actions on instances that failed during the previous scheduling cycle - Fixed AccessDenied error when spoke account self-registration process attempted to create a log group
Security
- Upgrade Werkzeug to mitigate CVE-2024-49766 and CVE-2024-49767
v3.0.5
[3.0.5] -- 2024-10-01
Fixed
- Fixed bug in Nth weekday logic that would sometimes cause Nth weekday to be interpreted as 1 week too early
Updated
- added rds:CreateDBSnapshot and rds:AddTagsToResource snapshot to scheduling roles to support recent changes to
RDS IAM requirements.
Security
- Upgrade pyca/cryptography to mitigate GHSA-h4gh-qq45-vh27
v3.0.4
[3.0.4] -- 2024-08-30
Fixed
- Fixed China region compatibility issues by adding new -cn variants of solution stack templates
- Fixed bug in RDS Scheduling Logic that would cause the scheduler to crash when more than 100
tagged RDS instances were present in a single scheduling target
Added
- added SECURITY.md file with instructions on how security issues can be reported to AWS
v3.0.3
v3.0.2
[3.0.2] -- 2024-07-24
Fixed
- Fixed an error that caused CloudFormation-managed schedules using the (now deprecated) UseMaintenanceWindow flag be an un-updatable
Security
- Upgrade Certifi to mitigate CVE-2024-39689
v3.0.1
[3.0.1] -- 2024-06-27
Changed
- Scheduler CLI installation process now uses a version-agnostic installation process
- Lambda memory size for orchestration and asg scheduling lambdas is now configurable
Fixed
- Fixed an error that would cause maintenance window scheduling to fail when the SSM api returned expired maintenance windows without a
NextExecutionTimeproperty - Fixed KMS encryption key being deleted when DynamoDB tables were configured to be retained on stack delete
- Fixed an error that caused ASG schedule updates to fail when more than 5 schedules were updated at once
- Fixed a possible name conflict with Operational Insights Dashboard when deploying multiple copies of Instance Scheduler to the same account
Security
- Upgrade braces to mitigate CVE-2024-4068
- Upgrade urllib3 to mitigate CVE-2024-37891
v3.0.0
[3.0.0] - 2024-06-05
Added
- Added support for scheduling of Neptune and DocumentDB clusters
- Added support for scheduling of ASG through the automatic creation of Scheduled Scaling Rules from configured schedules
- Added optional Operational Insights Dashboard to CloudWatch for monitoring and insights into solution performance
- Added support for using multiple EC2 maintenance windows with a single schedule
- Added ability to specify KMS keys that Instance Scheduler should be granted permissions to use when starting
EC2 instances with encrypted EBS volumes
Changed
- Separated "Scheduled Services" parameter into individual enabled/disabled parameters for each supported service
- Upgrade Python runtime to 3.11
- Extensive refactoring to internal code to improve code quality and testability
- CloudWatch metrics feature renamed to "Per Schedule Metrics" and integrated with new Operational Insights Dashboard
- DynamoDB Deletion Protection now enabled by default on solution DynamoDB tables.
- Refactored maintenance window dynamodb table to be more cost-efficient at scale
- Updated schedule logs to include SchedulingDecision entries for all decisions made by the EC2/RDS schedulers.
- Scheduler CLI will now error when attempting to overwrite schedules managed by CloudFormation
Removed
- Configuration settings from CloudFormation parameters no longer duplicated in DynamoDB
- Remove deprecated "overwrite" Schedule flag (distinct from still-supported "override" flag)
- Cloudwatch Metrics feature replaced with Operational Monitoring
Fixed
- Fixed deployment error in China partition, introduced in v1.5.0
- Fixed bug where CloudFormation Schedules used UTC timezone if not specified in template (instead of stack default)
- Fixed bug that would cause the scheduling request handler lambda would hang when trying to scheduler more than 50 RDS instances in the same region
- Fixed bug that would sometimes cause the CFN schedule custom resource to error when many schedules were deployed in parallel
- Fixed bug that would cause spoke stacks to not be correctly deregistered from the hub stack when undeployed
- Fixed bug in cli describe_schedule_usage command that would incorrectly estimate the behavior of schedules using nth weekday expressions
- Fixed bug that would cause schedules using monthday ranges of the format "n-31" to fail to load in months
with less days then the end of the range (such as February) - Fixed configured_in_stack property not being correctly applied to periods deployed by CloudFormation custom resource.
Security
- Break monolith Lambda Function and permissions apart based on principle of least privilege
- Spoke stack trust permissions restricted to only specific lambda roles in the Hub account
- Allow KMS keys for scheduling encrypted EBS volumes to be specified directly on hub/spoke stacks in cloudformation
rather needing to be added to scheduling roles manually - Upgrade Requests to mitigate CVE-2024-35195