From 50202b7658898bcc87ef22628c19cde35e8de944 Mon Sep 17 00:00:00 2001 From: badra001 Date: Fri, 20 Mar 2026 10:25:42 -0400 Subject: [PATCH 1/4] add udpate for security groups --- aws/whats-new/terraform-modules/README.md | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/aws/whats-new/terraform-modules/README.md b/aws/whats-new/terraform-modules/README.md index 82b8e4b3..1199c1f4 100644 --- a/aws/whats-new/terraform-modules/README.md +++ b/aws/whats-new/terraform-modules/README.md @@ -1,5 +1,16 @@ # What's New with [Terraform Modules](https://github.e.it.census.gov/terraform-modules/) +## 2026-03-19: [aws-common-security-groups//it-windows-base]https://github.e.it.census.gov/terraform-modules/aws-common-security-groups/tree/2.11.0/it-windows-base) + +This changes refactors the `it-windows-base` security group to use a YAML file (within the module) which sets up the appropriate +security group rules. This changes from using specific IP blocks to using Prefix Lists defined in the central network account, so that we may +more easily adapt to IP changes for services. + +* 2.11.0 -- 2026-03-19 + - it-windows-base + - refactor to use prefix lists and a YAML file + - remove obsolete servicenow scan rules + ## 2026-03-13: [aws-sso//policies/sc-readonly](https://github.e.it.census.gov/terraform-modules/aws-sso/tree/1.6.0/policies/sc-readonly) This change moves the `sc-readonly` permissionset into a module, so we can change in one place for all organizations. From 12fb48b643cf4a004aced32132eab15ad070fbbb Mon Sep 17 00:00:00 2001 From: badra001 Date: Fri, 20 Mar 2026 10:26:13 -0400 Subject: [PATCH 2/4] fix --- aws/whats-new/terraform-modules/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/aws/whats-new/terraform-modules/README.md b/aws/whats-new/terraform-modules/README.md index 1199c1f4..99876c89 100644 --- a/aws/whats-new/terraform-modules/README.md +++ b/aws/whats-new/terraform-modules/README.md @@ -1,6 +1,6 @@ # What's New with [Terraform Modules](https://github.e.it.census.gov/terraform-modules/) -## 2026-03-19: [aws-common-security-groups//it-windows-base]https://github.e.it.census.gov/terraform-modules/aws-common-security-groups/tree/2.11.0/it-windows-base) +## 2026-03-19: [aws-common-security-groups//it-windows-base](https://github.e.it.census.gov/terraform-modules/aws-common-security-groups/tree/2.11.0/it-windows-base) This changes refactors the `it-windows-base` security group to use a YAML file (within the module) which sets up the appropriate security group rules. This changes from using specific IP blocks to using Prefix Lists defined in the central network account, so that we may From 774fd939a4670cf153a489144c1450365e81091c Mon Sep 17 00:00:00 2001 From: badra001 Date: Fri, 20 Mar 2026 10:30:08 -0400 Subject: [PATCH 3/4] update --- aws/whats-new/terraform-modules/README.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/aws/whats-new/terraform-modules/README.md b/aws/whats-new/terraform-modules/README.md index 99876c89..ae4f4c47 100644 --- a/aws/whats-new/terraform-modules/README.md +++ b/aws/whats-new/terraform-modules/README.md @@ -6,6 +6,9 @@ This changes refactors the `it-windows-base` security group to use a YAML file ( security group rules. This changes from using specific IP blocks to using Prefix Lists defined in the central network account, so that we may more easily adapt to IP changes for services. +To apply first time, no changes neede to be made. On an update (terraform init -upgrade), it will fail, as all of the rules are added not through +dynamic blocks but through the security group rule resource. We will have a script and instructions on how to proceed with this. + * 2.11.0 -- 2026-03-19 - it-windows-base - refactor to use prefix lists and a YAML file From 3e68912629f31fffacce4dea424f042b0f583f2e Mon Sep 17 00:00:00 2001 From: Anupama Dwaram Date: Fri, 20 Mar 2026 10:46:39 -0400 Subject: [PATCH 4/4] creating account for adrm-ced-dev{ew, govcloud} (#405) * creating account for adrm-ced both nonprod and prod{ew, govcloud} * create ardm ced dev account --------- Co-authored-by: dwara001 --- aws/info/ACCOUNTS.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/aws/info/ACCOUNTS.md b/aws/info/ACCOUNTS.md index 2f22382c..acf3704c 100644 --- a/aws/info/ACCOUNTS.md +++ b/aws/info/ACCOUNTS.md @@ -367,6 +367,8 @@ | 582222802695 | adsd-chris-nonprod-gov | ADSD CHRIS GovCloud NonProd | AWS GovCloud | | 413545130696 | adsd-chris-prod-ew | ADSD CHRIS EW Prod | AWS East/West | csvd.aws+adsd-chris-prod-ew@census.gov | | 582225653812 | adsd-chris-prod-gov | ADSD CHRIS GovCloud Prod | AWS GovCloud | +| | adrm-ced-dev-ew | ADRM CED EW Dev | AWS East/West | csvd.aws+adrm-ced-dev-ew@census.gov | +| | adrm-ced-dev-gov | ADRM CED GovCloud dev | AWS GovCloud | # Decomissioned AWS Accounts @@ -1003,3 +1005,7 @@ * CRF # 677 * Jira # CSVDIES-9047 * Adding account numbers for adsd-chris-{prod,nonprod}-{ew,gov} +* 2026-03-20 + * CRF # 647 + * Jira # CSVDIES-9321 + * creating account for adrm-ced-dev-{ew,gov}