Releases: aws-solutions/instance-scheduler-on-aws
Releases · aws-solutions/instance-scheduler-on-aws
v3.0.10
[3.0.10] -- 2025-5-22
Security
- Upgrade setuptools to mitigate CVE-2025-47273
- Upgrade aws-cdk to mitigate GHSA-5pq3-h73f-66hr and GHSA-qc59-cxj2-c2w4
Changed
- Updated Lambda default memory size to 512MB
v3.0.9
[3.0.9] -- 2025-4-10
Security
- Upgrade Jinja2 to mitigate CVE-2025-27516
- Upgrade aws-cdk to mitigate CVE-2025-2598
- Upgrade esbuild to mitigate GHSA-67mh-4wv8-2f99
- Upgrade OpenSSL to mitigate CVE-2024-12797
Changed
- Reintroduced --use-maintenance-window flag for schedules. The flag will be enabled by default but can be set to false
to disable RDS preferred maintenance windows and EC2 maintenance windows
v3.0.8
[3.0.8] -- 2025-1-31
Updated
- Upgrade AWS Powertools from V2 to V3
Security
- Upgrade jinja to mitigate CVE-2024-56201 and CVE-2024-56326
v3.0.7
v3.0.6
[3.0.6] -- 2024-11-7
Changed
- RDS instances will now be automatically started 10 minutes prior to their preferred maintenance windows
Fixed
- Clamped role session name to 64 characters to fix scenario where longer
namespaces could cause runtime errors during sts assume - Fixed long-term retry logic for EC2/RDS scheduling.
EC2 and RDS will now retry start actions on instances that failed during the previous scheduling cycle - Fixed AccessDenied error when spoke account self-registration process attempted to create a log group
Security
- Upgrade Werkzeug to mitigate CVE-2024-49766 and CVE-2024-49767
v3.0.5
[3.0.5] -- 2024-10-01
Fixed
- Fixed bug in Nth weekday logic that would sometimes cause Nth weekday to be interpreted as 1 week too early
Updated
- added rds:CreateDBSnapshot and rds:AddTagsToResource snapshot to scheduling roles to support recent changes to
RDS IAM requirements.
Security
- Upgrade pyca/cryptography to mitigate GHSA-h4gh-qq45-vh27
v3.0.4
[3.0.4] -- 2024-08-30
Fixed
- Fixed China region compatibility issues by adding new -cn variants of solution stack templates
- Fixed bug in RDS Scheduling Logic that would cause the scheduler to crash when more than 100
tagged RDS instances were present in a single scheduling target
Added
- added SECURITY.md file with instructions on how security issues can be reported to AWS
v3.0.3
v3.0.2
[3.0.2] -- 2024-07-24
Fixed
- Fixed an error that caused CloudFormation-managed schedules using the (now deprecated) UseMaintenanceWindow flag be an un-updatable
Security
- Upgrade Certifi to mitigate CVE-2024-39689
v3.0.1
[3.0.1] -- 2024-06-27
Changed
- Scheduler CLI installation process now uses a version-agnostic installation process
- Lambda memory size for orchestration and asg scheduling lambdas is now configurable
Fixed
- Fixed an error that would cause maintenance window scheduling to fail when the SSM api returned expired maintenance windows without a
NextExecutionTimeproperty - Fixed KMS encryption key being deleted when DynamoDB tables were configured to be retained on stack delete
- Fixed an error that caused ASG schedule updates to fail when more than 5 schedules were updated at once
- Fixed a possible name conflict with Operational Insights Dashboard when deploying multiple copies of Instance Scheduler to the same account
Security
- Upgrade braces to mitigate CVE-2024-4068
- Upgrade urllib3 to mitigate CVE-2024-37891