From 81d852f5c170b3e5b7f26a5c95bb90eea34c95ee Mon Sep 17 00:00:00 2001
From: Patrick Kelley
Date: Wed, 24 May 2017 18:43:04 +0000
Subject: [PATCH] Version bump and Changelog update for v0.9.2
---
 Dockerfile | 2 +-
 dart/pubspec.yaml | 2 +-
 docker/nginx/Dockerfile | 2 +-
 docs/changelog.md | 46 +++++++++++++++++++++++++++++++++
 docs/iam_aws.md | 8 ++++++
 scripts/secmonkey_role_setup.py | 8 ++++++
 security_monkey/__init__.py | 2 +-
 7 files changed, 66 insertions(+), 4 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index f706537cf..b0c80c22e 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -16,7 +16,7 @@ FROM ubuntu:14.04
 MAINTAINER Netflix Open Source Development
-ENV SECURITY_MONKEY_VERSION=v0.9.1 \
+ENV SECURITY_MONKEY_VERSION=v0.9.2 \
 SECURITY_MONKEY_SETTINGS=/usr/local/src/security_monkey/env-config/config-docker.py
 RUN apt-get update &&\
diff --git a/dart/pubspec.yaml b/dart/pubspec.yaml
index b6330c614..76c1aa8ed 100644
--- a/dart/pubspec.yaml
+++ b/dart/pubspec.yaml
@@ -1,6 +1,6 @@
 name: security_monkey
 description: An AWS Policy Monitoring and Alerting Tool
-version: 0.9.1
+version: 0.9.2
 dependencies:
 angular: "^1.1.2+2"
 angular_ui: ">=0.6.8 <0.7.0"
diff --git a/docker/nginx/Dockerfile b/docker/nginx/Dockerfile
index f2aae08df..40746a91e 100644
--- a/docker/nginx/Dockerfile
+++ b/docker/nginx/Dockerfile
@@ -15,7 +15,7 @@ FROM nginx:1.11.4
 MAINTAINER Netflix Open Source Development
-ENV SECURITY_MONKEY_VERSION=v0.9.1
+ENV SECURITY_MONKEY_VERSION=v0.9.2
 RUN apt-get update &&\
 apt-get install -y curl git sudo apt-transport-https &&\
 curl https://dl-ssl.google.com/linux/linux_signing_key.pub | apt-key add - &&\
diff --git a/docs/changelog.md b/docs/changelog.md
index da9aca645..749c975df 100644
--- a/docs/changelog.md
+++ b/docs/changelog.md
@@ -1,6 +1,52 @@
 Changelog
 =========
+v0.9.2 (2017-05-24)
+----------------------------------------
+
+- PR #695 - @mikegrima - Fixing jinja import bug affecting change emails.
+- PR #692 - @LukeKennedy - Reduce number of API calls in Managed Policy watcher.
+- PR #694 - @supertom - GCP Documentation Updates
+- PR #701 - @supertom - Update GCP ServiceAccount Name to use email instead of DisplayName.
+- PR #702 - @rodriguezsergio - Update KMS Auditor. Don't create issue when Effect is Deny for a wildcard principal.
+- PR #697 - @mcpeak - Pylint fixes and TravisCI pylint enforcement.
+- PR #706 - @monkeysecurity Fix bug where batched watchers did not send change alert emails.
+- PR #708 - @redixin - Fix bug in docker config where `SECURITY_MONKEY_POSTGRES_PORT` would not work if passed as a string.
+- PR #714 - @monkeysecurity - Fix bug where change emails from batched watchers had incorrect color in the JSON diff.
+- PR #713 - @monkeysecurity - Fix path to favicon from flask-security jinja templates.
+- PR #709 - @crruthe - Exempt SSO API from CSRF protection.
+- PR #719 - @monkeysecurity - New simplified watcher format for CloudAux Technologies.
+- PR #726 - @monkeysecurity, @willbengtson - Add new SAMLProvider watcher.
+- PR #730 - @monkeysecurity - Fix bug where ephemerals were not respected for CloudAuxWatcher subclasses.
+- PR #727 - @supertom - Fix bug where duplicate GCP names would violate DB's unique constraint. Names now contain project ID.
+- PR #728 - @supertom - Basic Auditor Tests for GCP.
+- @monkeysecurity - Updated link to Ubuntu's SSL documentation.
+- @monkeysecurity - Bumped version of Cryptography dependency.
+- PEP8 updates.
+
+Important Notes:
+- Additional Permissions Required:
+ - "elasticloadbalancing:describelisteners",
+ - "elasticloadbalancing:describerules",
+ - "elasticloadbalancing:describesslpolicies",
+ - "elasticloadbalancing:describetags",
+ - "elasticloadbalancing:describetargetgroups",
+ - "elasticloadbalancing:describetargetgroupattributes",
+ - "elasticloadbalancing:describetargethealth",
+ - "iam:listsamlproviders",
+- New Watcher: ALB (elbv2)
+- ELB (v1) Watcher re-written with boto3 in CloudAux. Now respects the config value `SECURITYGROUP_INSTANCE_DETAIL` when determining whether to add the instance id's to the ELB definition.
+
+Contributors:
+- @LukeKennedy
+- @rodriguezsergio
+- @redixin
+- @crruthe
+- @supertom
+- @mcpeak
+- @mikegrima
+- @monkeysecurity
+
 v0.9.1 (2017-04-20)
 ----------------------------------------
diff --git a/docs/iam_aws.md b/docs/iam_aws.md
index fdc576759..1b415f999 100644
--- a/docs/iam_aws.md
+++ b/docs/iam_aws.md
@@ -98,6 +98,13 @@ Paste in this JSON with the name "SecurityMonkeyReadOnly":
 "elasticloadbalancing:describeloadbalancerattributes",
 "elasticloadbalancing:describeloadbalancerpolicies",
 "elasticloadbalancing:describeloadbalancers",
+ "elasticloadbalancing:describelisteners",
+ "elasticloadbalancing:describerules",
+ "elasticloadbalancing:describesslpolicies",
+ "elasticloadbalancing:describetags",
+ "elasticloadbalancing:describetargetgroups",
+ "elasticloadbalancing:describetargetgroupattributes",
+ "elasticloadbalancing:describetargethealth",
 "es:describeelasticsearchdomainconfig",
 "es:listdomainnames",
 "iam:getaccesskeylastused",
@@ -122,6 +129,7 @@ Paste in this JSON with the name "SecurityMonkeyReadOnly":
 "iam:listpolicies",
 "iam:listrolepolicies",
 "iam:listroles",
+ "iam:listsamlproviders",
 "iam:listservercertificates",
 "iam:listsigningcertificates",
 "iam:listuserpolicies",
diff --git a/scripts/secmonkey_role_setup.py b/scripts/secmonkey_role_setup.py
index a5e72ec1a..076ba2a30 100755
--- a/scripts/secmonkey_role_setup.py
+++ b/scripts/secmonkey_role_setup.py
@@ -87,6 +87,13 @@
 "elasticloadbalancing:describeloadbalancerattributes",
 "elasticloadbalancing:describeloadbalancerpolicies",
 "elasticloadbalancing:describeloadbalancers",
+ "elasticloadbalancing:describelisteners",
+ "elasticloadbalancing:describerules",
+ "elasticloadbalancing:describesslpolicies",
+ "elasticloadbalancing:describetags",
+ "elasticloadbalancing:describetargetgroups",
+ "elasticloadbalancing:describetargetgroupattributes",
+ "elasticloadbalancing:describetargethealth",
 "es:describeelasticsearchdomainconfig",
 "es:listdomainnames",
 "iam:getaccesskeylastused",
@@ -111,6 +118,7 @@
 "iam:listpolicies",
 "iam:listrolepolicies",
 "iam:listroles",
+ "iam:listsamlproviders",
 "iam:listservercertificates",
 "iam:listsigningcertificates",
 "iam:listuserpolicies",
diff --git a/security_monkey/__init__.py b/security_monkey/__init__.py
index 0ce350879..b4d1dc656 100644
--- a/security_monkey/__init__.py
+++ b/security_monkey/__init__.py
@@ -23,7 +23,7 @@ import stat
 ### VERSION ###
-__version__ = '0.9.1'
+__version__ = '0.9.2'
 ### FLASK ###
 from flask import Flask
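Review bot: In scripts/secmonkey_role_setup.py, hunk -87,6 +87,13, the seven new ELB actions are appended after `"elasticloadbalancing:describeloadbalancers",` although every visible neighbour is in alphabetical order; `"elasticloadbalancing:describelisteners",` sorts before `describeloadbalancerattributes`, and `describetargetgroupattributes` sorts before `describetargetgroups`. Keeping the action list sorted makes it easy to compare the role's grants with the copy in docs/iam_aws.md and to notice a duplicate or a non-read action during a permissions audit. The `"iam:listsamlproviders",` entry in hunk -111,6 +118,7 is already in order. If the list is a Python literal rather than an embedded JSON string (not visible here, since it starts and ends outside both hunks), a comment such as `# read-only actions, presumably for the ALB (elbv2) watcher named in the changelog` above the new block would record why the grant exists.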