Version 3.1.0

Author: Joshua Leaverton

.github/ISSUE_TEMPLATE/bug_report.md

@@ -17,16 +17,17 @@ Steps to reproduce the behavior.
 A clear and concise description of what you expected to happen.
 
 **Please complete the following information about the solution:**
-- [ ] Version: [e.g. v1.0.0]
+- [ ] Version: [e.g. v3.1]
 
-To get the version of the solution, you can look at the description of the created CloudFormation stack. For example, "_(SO0021) - Video On Demand workflow with AWS Step Functions, MediaConvert, MediaPackage, S3, CloudFront and DynamoDB. Version **v5.0.0**_". If the description does not contain the version information, you can look at the mappings section of the template:
+To get the version of the solution, you can look at the description of the created CloudFormation stack. For example, "AWS WAF Security Automations v3.1: This AWS CloudFormation template helps you provision the AWS WAF Security Automations stack without worrying about creating and configuring the underlying AWS infrastructure". If the description does not contain the version information, you can look at the mappings section of the template:
 
 ```yaml
 Mappings:
   SourceCode:
     General:
-      S3Bucket: "solutions"
-      KeyPrefix: "video-on-demand-on-aws/v5.0.0"
+      TemplateBucket: 'solutions-reference'
+      SourceBucket: 'solutions'
+      KeyPrefix: 'waf-security-automation/v3.1'
 ```
 
 - [ ] Region: [e.g. us-east-1]

.gitignore

@@ -6,3 +6,5 @@
 **/package-lock.json
 **/.pyc
 /deployment/open-source/
+source/tests/__pycache__/
+source/log_parser/__pycache__/

CHANGELOG.md

@@ -25,3 +25,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ### Changed
 - Upgraded from WAF classic to WAFV2 API
 - Eliminated dependency on NodeJS and use Python as the standardized programming language
+## [3.1] - 2020-10-22
+### Changed
+- Replaced s3 path-style with virtual-hosted style
+- Added partition variable to all ARNs 
+- Updated bug report

deployment/aws-waf-security-automations-firehose-athena.template

@@ -110,8 +110,8 @@ Resources:
                   - s3:ListBucketMultipartUploads
                   - s3:PutObject
                 Resource:
-                  - !Sub 'arn:aws:s3:::${WafLogBucket}'
-                  - !Sub 'arn:aws:s3:::${WafLogBucket}/*'
+                  - !Sub 'arn:${AWS::Partition}:s3:::${WafLogBucket}'
+                  - !Sub 'arn:${AWS::Partition}:s3:::${WafLogBucket}/*'
         - PolicyName: KinesisAccess
           PolicyDocument:
             Statement:
@@ -121,15 +121,15 @@ Resources:
                   - kinesis:GetShardIterator
                   - kinesis:GetRecords
                 Resource:
-                  - !Sub 'arn:aws:kinesis:${AWS::Region}:${AWS::AccountId}:stream/${DeliveryStreamName}'
+                  - !Sub 'arn:${AWS::Partition}:kinesis:${AWS::Region}:${AWS::AccountId}:stream/${DeliveryStreamName}'
         - PolicyName: CloudWatchAccess
           PolicyDocument:
             Statement:
               - Effect: Allow
                 Action:
                   - 'logs:PutLogEvents'
                 Resource:
-                  - !Sub 'arn:aws:logs:${AWS::Region}:${AWS::AccountId}:log-group:/aws/kinesisfirehose/${DeliveryStreamName}:*'
+                  - !Sub 'arn:${AWS::Partition}:logs:${AWS::Region}:${AWS::AccountId}:log-group:/aws/kinesisfirehose/${DeliveryStreamName}:*'
       Metadata:
         cfn_nag:
           rules_to_suppress:

deployment/aws-waf-security-automations-webacl.template

@@ -337,7 +337,7 @@ Resources:
                   - 'logs:CreateLogStream'
                   - 'logs:PutLogEvents'
                 Resource:
-                  - !Sub 'arn:aws:logs:${AWS::Region}:${AWS::AccountId}:log-group:/aws/lambda/*CustomTimer*'
+                  - !Sub 'arn:${AWS::Partition}:logs:${AWS::Region}:${AWS::AccountId}:log-group:/aws/lambda/*CustomTimer*'
 
   CustomTimer:
     Type: 'AWS::Lambda::Function'