OpenSecOps Newsletter

October 3, 2025

Installer v2.6.0 & SOAR v2.4.17

OpenSecOps Installer v2.6.0 and SOAR v2.4.17 are now available, delivering enhanced role-based access control and a critical fix for RDS snapshot auto-remediation.

Installer v2.6.0

SecurityAdministratorAccess can now manage IAM users

The protect-foundations.json Service Control Policy has been updated to allow SecurityAdministratorAccess to manage IAM users. Security teams can now directly manage user identities without requiring full administrator access, while NetworkAdministrators remain appropriately restricted.

- New installations: Automatically configured via apps.example/foundation/SCPs/protect-foundations.json
- Existing installations: Update your SCP configuration to adopt this change

DeveloperAccess gains backup permissions

DeveloperAccess now includes backup:* and backup-storage:* permissions in both the SSO permission set and permission boundary.

- Updated in apps.example/foundation/sso-config/sso_permission_sets/DeveloperAccess.yaml
- Updated in apps.example/foundation/BoundaryPolicies/developer-permission-boundary-policy.yaml
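For existing installations adopting this change by hand, the grant has to be present in both documents, because effective permissions are the intersection of the permission set and the permission boundary. The following check is an added example, not OpenSecOps code: it assumes both policies have already been parsed into standard IAM policy documents, and the function names and sample policies are constructed for illustration.

```python
REQUIRED = ("backup:*", "backup-storage:*")  # the two grants named in the release note

def _as_list(value):
    """IAM accepts a single item or a list for Statement and Action."""
    if value is None:
        return []
    return [value] if isinstance(value, (str, dict)) else list(value)

def grants(policy, required):
    """True if an Allow statement covers all of `required` (e.g. 'backup:*')
    and no Deny statement names that service. Deliberately conservative:
    NotAction and partial wildcards such as 'backup:Start*' do not count."""
    service = required.split(":")[0].lower()
    allowed = False
    for stmt in _as_list(policy.get("Statement")):
        actions = [a.lower() for a in _as_list(stmt.get("Action"))]
        if stmt.get("Effect") == "Deny":
            if any(a == "*" or a.split(":")[0] == service for a in actions):
                return False  # an explicit Deny always wins over any Allow
        elif stmt.get("Effect") == "Allow":
            if "*" in actions or required.lower() in actions:
                allowed = True
    return allowed

def missing_grants(permission_set_policy, boundary_policy):
    """Report, per document, which required grants are absent."""
    gaps = {}
    docs = (("permission_set", permission_set_policy), ("boundary", boundary_policy))
    for name, doc in docs:
        lacking = [r for r in REQUIRED if not grants(doc, r)]
        if lacking:
            gaps[name] = lacking
    return gaps

# Constructed samples: permission set already updated, boundary still on the old version.
UPDATED_SET = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Resource": "*",
     "Action": ["ec2:Describe*", "backup:*", "backup-storage:*"]}]}
STALE_BOUNDARY = {"Version": "2012-10-17", "Statement":
    {"Effect": "Allow", "Resource": "*", "Action": ["ec2:*", "s3:*"]}}

if __name__ == "__main__":
    print(missing_grants(UPDATED_SET, STALE_BOUNDARY))
```

A non-empty result for either key means developers will still be denied AWS Backup operations even though the other document was updated.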

SOAR v2.4.17

RDS.4 auto-remediation no longer deletes "empty" snapshots

AWS-reported size data for Aurora cluster snapshots proved unreliable, making safe identification of truly empty snapshots impossible. The RDS.4 auto-remediation now focuses solely on encrypting unencrypted snapshots, eliminating risk of data loss from unreliable size reporting.


Deployment: Update to Installer v2.6.0 and SOAR v2.4.17 using standard deployment procedures. Installer permission changes require manual adoption for existing installations — review the updated example configurations to determine if these permission expansions suit your security model.
