AWS Transform for mainframe refactor

AWS DevOps Setup (DOS)

6.1.0

  • New CDK Stack for Developer IDE Image Recipe. It enables the creation of a pre-configured Amazon Machine Image (AMI) containing an Integrated Development Environment (IDE). This ready-to-use environment gives developers all the necessary tools to modernize mainframe applications. Developers can perform various tasks such as debugging applications, editing code, configuring development tools, and monitoring automation processes, all within a streamlined environment designed for mainframe modernization projects.

  • The template creates a recipe that builds a Windows Server 2022 AMI with Blu Age development tools and utilities.

    6.0.0

  • Custom deployment on existing customer network (VPC, Subnets)
  • Fix Frugality Lambda Cloudwatch IAM Policy
  • Add RTS parameter store for Frugality lambda

  • Authorize ".amazonaws.com" and ".amazon.com" in AWS Firewall Rule

    5.3.0

  • “bluage.local” Route53 hosted zone creation
  • Authorize ".amazonaws.com" and ".amazon.com" in AWS Firewall Rule
  • Modify Development AMI in inputs.ts file

  • Add new Region to support Code Artifact

    5.2.2

  • Add new “Autoscaling” VPC Endpoint (BluVpcEndpoints Stack)
  • Add new “ec2” VPC Endpoint (BluVpcEndpoints Stack)
  • Add new “lambda” VPC Endpoint (BluVpcEndpoints Stack)
  • Remove CodeCommit Stack (BluCodeReposStack Stack)

  • Certificate Manager Stack is now optional (BluCertificateStack Stack)

    5.2.1

  • Fix S3 Endpoint policy for Code Artifact (BluVpcEndpoints Stack)

  • Fix EC2 instance Profile S3 policy for Code Artifact (BluDevEC2Template Stack)

    5.2.0

  • Add New Certificate Manager Stack (BluCertificateStack Stack)
  • Create Specific SSM Document (AWSBluageEC2PortForwarding) to only allow RDP connections via SSM Port Forwarding Session (BluIamAssets Stack)
  • Restrict SSM Port Forwarding Session to a specific SSM Document : AWSBluageEC2PortForwarding (BluIamAssets Stack)

known issues:

  • No Access to Code Artifact S3 Repositories in all regions except eu-west-3, eu-central-1, us-east-1

    5.1.1

  • Fix Managed KMS Key
  • IAM Roles Creation for Project Manager and Developers are optional
  • Fix Internet Access

known issues:

  • No Access to Code Artifact S3 Repositories in all regions except eu-west-3, eu-central-1, us-east-1

    5.1.0

  • Add possibility to use Managed KMS Key for S3 Buckets, SNS Topics and EBS Volumes
  • Enable Firewall Deletion Protection

known issues:

  • No Internet Access :
  • .cloudfront.net missing in authorized Firewall Rule Groups
  • Missing route for Internet Gateway

  • No Access to Code Artifact S3 Repositories in all regions except eu-west-3, eu-central-1, us-east-1

    5.0.0

  • Scope Down IMDS Lambda Role policies

  • Scope Down SSM Policy in BluAge_ProServe_Developer_IAM_Role IAM Role

    4.9.0

  • Fix AutoUpdateAMI Lambda

    4.8.0

  • Change VPC Network configuration: New Private Subnets Addresses 10.0.0.0/20 and 10.0.16.0/20

    4.5.0

  • By Default, Schedule AutoStop EC2 & ASG Frugality Lambda is disabled. So EC2 instances always remain started. The project manager must configure the shutdown schedule.

    4.4.0

  • Change All S3 Bucket Name and IAM Roles to add Region in the name

    4.0.0

  • Create BluSegEndpoints Security Group
  • BluSegEndpoints Security Group used for all created VPC Endpoints

  • Only one Availability Zone used : 1 Private Subnet, 1 Protected Subnet, 1 Firewall Subnet

    4.2.0

  • Change VPC Network configuration: VPC CIDR /16 and subnets CIDR /20

  • Use of 2 Availability Zones : 2 Private Subnet, 2 Protected Subnet, 2 Firewall Subnet

    4.1.0

  • Change VPC Network configuration: VPC CIDR /20 and subnets CIDR /22