Roadmap

Current Version: 1.0.1


Version 1.0.1 — Available Now

  • Fixed AWS Marketplace license validation — corrected ProductSKU to use Product ID

Version 1.0.0 — Released

✅ Core Functionality

  • 12 CLI actions for complete SG lifecycle management

  • 9 pre-built scenarios (3-tier and 2-tier architectures)

  • Override system (port overrides, additional ingress/egress)

  • Workload discriminator for multiple SG sets per environment

  • CloudFormation template generation with circular dependency resolution

  • VPC integration via Parameter Store or direct ID

  • Parameter Store storage of SG IDs for downstream consumers

  • Schema validation for configuration YAML

  • IAM policy generation with least-privilege permissions

✅ Scenarios

  • 3-tier-web (PostgreSQL), 3-tier-rds-postgresql, 3-tier-rds-mysql

  • 3-tier-redshift, 3-tier-oracle, 3-tier-sqlserver, 3-tier-documentdb

  • 2-tier-web, 2-tier-rds-postgresql

✅ Operations

  • Pre-deployment review reports (HTML with override highlighting)

  • Post-deployment CONFIDENTIAL reports (real SG IDs)

  • Test deploy with random suffix for safe testing

  • Change preview via CloudFormation ChangeSets

  • Drift detection against deployed stacks

  • Dry-run mode for all operations

✅ Security & Deployment

  • AWS Marketplace license validation

  • Docker container with Cython-compiled modules (IP protection)

  • Non-root container execution

  • Comprehensive audit logging


Version 1.1.0 — Q3 2026

Planned Features

Cost Estimation

  • Monthly cost estimation for Security Group infrastructure

  • Region-specific pricing from AWS Pricing API

  • HTML cost reports

IPv6 Scenarios

  • Dual-stack scenarios with IPv6 CIDR rules

  • ::/0 support for internet-facing tiers

Additional Scenarios

  • 3-tier-elasticache-redis (port 6379)

  • 3-tier-elasticache-memcached (port 11211)

  • 3-tier-opensearch (port 443/9200)

  • 4-tier-web (web, app, cache, db)

Enhanced Validation

  • Duplicate rule detection

  • Overly permissive rule warnings (broad port ranges)

  • Unused tier detection


Version 1.2.0 — Q4 2026

Planned Features

Rule Templates

  • Reusable rule snippets (e.g., “allow-prometheus”, “allow-ssh-bastion”)

  • Rule composition from multiple templates

  • Community-contributed rule libraries

Multi-VPC Support

  • Deploy SGs across multiple VPCs in one config

  • Cross-VPC security group references (via VPC peering)

Export Capabilities

  • Terraform export (aws_security_group resources)

  • AWS CDK export (TypeScript/Python)

  • JSON/CSV rule export for compliance audits

Compliance Reporting

  • CIS Benchmark checks for security groups

  • PCI-DSS rule validation

  • SOC 2 compliance mapping


Version 2.0.0 — Q1 2027

Major Features

Visual Rule Editor

  • Web-based UI for scenario design

  • Drag-and-drop tier builder

  • Real-time rule validation

  • Visual cross-tier dependency graph

Policy as Code

  • OPA (Open Policy Agent) integration

  • Custom policy rules for organization standards

  • Pre-commit hooks for rule validation

  • CI/CD pipeline integration

Advanced Networking

  • Security group chaining patterns

  • Prefix list support

  • Managed prefix list integration

  • Security group rule quota monitoring

Enterprise Integration

  • AWS Organizations — deploy across accounts

  • Service Control Policy validation

  • AWS Security Hub findings integration

  • AWS Config Rules for SG compliance


Under Consideration

Based on customer feedback, we’re evaluating:

  • ARM64/Graviton support — native container images for cost savings

  • GUI dashboard — web-based management interface

  • GitOps workflow — ArgoCD/Flux integration for SG state management

  • Rollback support — automatic rollback on failed deployments

  • Scheduled drift checks — periodic drift detection with notifications

  • Slack/Teams notifications — deployment and drift alerts

  • Custom scenario marketplace — share/download community scenarios


Feature Requests

How to Request a Feature

Contact us via AWS Marketplace “Contact Seller” with:

  1. Feature name

  2. Use case description

  3. Business impact

Most Requested

  1. Cost estimation (Planned for v1.1.0)

  2. IPv6 dual-stack scenarios (Planned for v1.1.0)

  3. Terraform export (Planned for v1.2.0)

  4. Visual rule editor (Planned for v2.0.0)

  5. Multi-VPC support (Planned for v1.2.0)


Roadmap Notes

Timelines: Dates are approximate and subject to change based on customer demand.

Backward Compatibility: Maintained within major versions (1.x.x). Breaking changes only in major updates with migration guides.

Feature Voting: Features with the most customer requests get prioritized. Contact us to vote.


Version History

Version | Release Date | Key Features
1.0.1   | Q2 2026      | License validation fix — correct ProductSKU
1.0.0   | Q2 2026      | Initial release — 9 scenarios, 12 actions, override system, workload discriminator

Copyright © 2025 Axon Tech Labs. All rights reserved.