add whats-new

aws/whats-new/README.md

@@ -0,0 +1,23 @@
+# What's New on our AWS
+
+## 2025-12-30
+
+* New Stackset implementing cross-account roles
+
+A new stackset in all organizations (ent-gov, ent-ew, lab-gov) which implements two cross-account roles,
+one for adminsitration so we can query organizations and crawl across the accounts, and the other for emergency
+access driven through a service account with MFA and a user/password.  Currently documented in the `instractructure/global/stacksets/inf-org-crossaccount/`
+directory but will get copied elsewhere:
+  * [ent-gov](https://github.e.it.census.gov/terraform/252903981224-ma5-gov/tree/master/infrastructure/global/stacksets/inf-org-crossaccount)
+  * [ent-ew](https://github.e.it.census.gov/terraform/109223337795-censusaws/tree/master/infrastructure/global/stacksets/inf-org-crossaccount)
+  * [lab-gov](https://github.e.it.census.gov/terraform/243219719746-lab-gov-management-nonprod/tree/master/infrastructure/global/stacksets/inf-org-crossaccount)
+
+* Proposal to remove CloudTrail and reduce costs
+
+A proposal is in place to strip out all non-organization cloudtrail from all organizations and all accounts.  It is available [here](https://github.e.it.census.gov/terraform/cloud-information/tree/master/aws/proposals/cloudtrail).
+The first step of disabling the Cloudtrail for non-organization trail (inf-org-cloudtrail) has bee done in the EDL accounts.  It will
+be done accross all organizations.  Current non-organization cloudtrail counts:
+
+  * ent-gov: 545
+  * ent-ew: 983
+  * lab-gov: 54