chore(release): 1.45.0 #8449
Merged
chore(release): 1.45.0 #8449
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
MonoCDK was previously using a special packaging process, but this was changed to use the standard packaging process used by any other CDK library. It is thus no longer necessary to apply those exceptions which risk making the build slower. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Bumps [ts-jest](https://github.com/kulshekhar/ts-jest) from 26.0.0 to 26.1.0. - [Release notes](https://github.com/kulshekhar/ts-jest/releases) - [Changelog](https://github.com/kulshekhar/ts-jest/blob/master/CHANGELOG.md) - [Commits](kulshekhar/ts-jest@v26.0.0...v26.1.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
The example of EFS doc is using older naming of EFS L2 API, which can not be compiled any more. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Elastic Load Balancer's ApplicationListener.addAction does not pass on conditions array to ApplicationListenerRule. This PR adds a line that passes on the conditions in the addAction function. fixes #8328 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
The conventional CDK name for properties that hold KMS Keys is 'encryptionKey', not 'kmsKey' (we don't use the service name as part of the class or property name). BREAKING CHANGE: DatabaseClusterProps.kmsKey has been renamed to storageEncryptionKey * **rds**: DatabaseInstanceNewProps.performanceInsightKmsKey has been renamed to performanceInsightEncryptionKey * **rds**: DatabaseInstanceSourceProps.secretKmsKey has been renamed to masterUserPasswordEncryptionKey * **rds**: DatabaseInstanceProps.kmsKey has been renamed to storageEncryptionKey * **rds**: DatabaseInstanceReadReplicaProps.kmsKey has been renamed to storageEncryptionKey * **rds**: Login.kmsKey has been renamed to encryptionKey ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Fixes #6669 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…rmissions (#8409) `Secret.grantRead()` now gives permission for `secretmanager:DescribeSecret` and `secretmanager:GetSecretValue`, instead of only `secretmanager:GetSecretValue`. Fixes #6444 Fixes #7953 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
No new tests or expectations added. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
For security purposes, we decided that it would be lower risk to assume a different role when we publish S3 assets and when we publish ECR assets. The reason is that ECR publishers execute `docker build` which can potentially execute 3rd party code (via a base docker image). This change modifies the conventional name for the publishing roles as well as adds a set of properties to the `DefaultStackSynthesizer` to allow customization as needed. This is a resubmission of #8319. That one was failing backwards regression tests... and for good reason! However in this case, the regression was intended (and deemed acceptable since we haven't officially "released" the feature we're breaking yet). Unfortunately the mechanism to skip integration tests during the regression tests has been broken recently, so had to be reintroduced here. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Adds recognition of tokens for all validations that validate the content in some form. fixes #8314 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
The PR #8403 changed the "IAM stack" to use the default environment and forgot to update the expected output (which now does not contain a token for the URL suffix).
Stages are self-contained application units that synthesize as a cloud assembly. This change centralizes prepare + synthesis logic into the stage level and changes `App` to extend `Stage`. Once `stage.synth()` is called, the stage becomes (practically) immutable. This means that subsequent synths will return the same output. The cloud assembly produced by stages is nested as an artifact inside another cloud assembly (either the App's top-level assembly) or a child. Authors: @rix0rrr, @eladb ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Bumps [aws-sdk](https://github.com/aws/aws-sdk-js) from 2.689.0 to 2.691.0. - [Release notes](https://github.com/aws/aws-sdk-js/releases) - [Changelog](https://github.com/aws/aws-sdk-js/blob/master/CHANGELOG.md) - [Commits](aws/aws-sdk-js@v2.689.0...v2.691.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
…ks (#8206) Path parameters in API Gateway allows for paths to contain the resource id, such as `/pets/{petId}/comments/{commentId}`. When generating the ARN for a Method to this Resource, the path parameters should be placed with asterisks, such as `/pets/*/comments/*`. fixes #8036 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Was missing arguments to `addTargets()`. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
I've taken the liberty to implement a preview, refer to #7752 Any feedback is welcome! BREAKING CHANGE: `requiredAttributes` on `UserPool` construct is now replaced with `standardAttributes` with a slightly modified signature. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
The permissions required to clean up old DynamoDB Global Tables replicas were set up in such a way that removing a replication region, or dropping replication entirely (or when causing a table replacement), they were removed before CloudFormation gets to the `CLEAN_UP` phase, causing a clean up failure (and old tables would remain there). This changes the way permissions are granted to the replication handler resource so that they are added using a separate `iam.Policy` resource, so that deleted permissions are also removed during the `CLEAN_UP` phase after the resources depending on them have been deleted. The tradeoff is that two additional resources are added to the stack that defines the DynamoDB Global Tables, where previously those permissions were mastered in the nested stack that holds the replication handler. Unofrtunately, the nested stack gets it's `CLEAN_UP` phase executed as part of the nested stack resource update, not during it's parent stack's `CLEAN_UP` phase. Fixes #7189 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Both the aws-s3-deployment and aws-codepipeline-actions CacheControl class uses "s-max-age" instead of the correct "s-maxage". This change fixes to the correct header value. fixes #6292 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Bumps [fast-deep-equal](https://github.com/epoberezkin/fast-deep-equal) from 3.1.1 to 3.1.3. - [Release notes](https://github.com/epoberezkin/fast-deep-equal/releases) - [Commits](epoberezkin/fast-deep-equal@v3.1.1...v3.1.3) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
feat(cloud9): support AWS CodeCommit repository clone on launch Add a new `repositories` property to allow users to clone AWS CodeCommit repositories on environment launch. Closes #8204 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
feat(codestar): support the GitHubRepository resource This PR allows to create github repositories with the new `GitHubRepository` resource Closes #8210 *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
We often store important values on secretsmanager.Secret. But, without DeletionPolicy(Retain), it can be deleted by human error. So, add DeletionPolicy to secretsmanager.Secret's initialization Props. closes: #6527 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
) This was originally added in commit 3dd21b9. However, the script fails during a bump build when the package version in lerna.json is ahead of the latest published in NPM. This was worked around by turning this feature off - 09a1f33. Re-enable this feature and handle version in lerna.json may be ahead of NPM. ### Testing Manually tested three cases - * When version in `lerna.json` is <= package published in NPM * When version in `lerna.json` is > package published in NPM * When `DOWNLOAD_LATEST` is set to `true`. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…ing SageMaker jobs (#8391) replacement for the current implementation of `SageMaker` service integration and state level properties are merged and represented as a construct. The previous implementation that implemented `IStepFunctionsTask` has been removed. The previously existing classes were directly converted to constructs as these were marked **experimental** and still require further iterations as they are not backed by a SageMaker L2 (does not exist yet). In the interest of pragmatism, I decided to move them to leverage the newer pattern so we can deprecate the `Task` construct. Note that I have left the unit and integration tests verbatim. The integration test requires some additional steps as there are pre-requisites to running a training job such as creating and configuring input data that are not currently included. BREAKING CHANGE: constructs for `SageMakerCreateTrainingJob` and `SageMakerCreateTransformJob` replace previous implementation that implemented `IStepFunctionsTask`. * **stepfunctions-tasks:** `volumeSizeInGB` property in `ResourceConfig` for SageMaker tasks are now type `core.Size` * **stepfunctions-tasks:** `maxPayload` property in `SagemakerTransformProps` is now type `core.Size` * **stepfunctions-tasks:** `volumeKmsKeyId` property in `SageMakerCreateTrainingJob` is now `volumeEncryptionKey` ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…8114) fixes #8113 Currently, it's not possible to enable access logs for a network load balancer using the logAccessLogs method. Cloudformation will fail at deploy time because the S3 Bucket doesn't have the right permissions. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Adds support for asset bundling by running a command inside a Docker container. The asset path is mounted in the container at `/asset-input` and is set as the working directory. The container is responsible for putting content at `/asset-output`. The content at `/asset-output` will be zipped and used as the final asset. This allows to use Docker for Lambda code bundling. It will also be possible to refactor `aws-lambda-nodejs` and create other language specific modules. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Packages that are not containers of L1 libraries (`Cfn~` classes) have no point in having a `cfn2ts` script registered. This causes problems when trying to generate L1s across the whole repository using `lerna run cfn2ts`. This adds a `pkglint` rule that mandates the `cfn2ts` script is only present when the related other metadata is also required to be present. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 10.17.21 to 10.17.25. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
In order to write better assertions on complex resource structs that
only test what we're interested in (and not properties that may
accidentally change as part of unrelated refactors), add more powerful
matchers that can express things like:
- `objectLike()`
- `arrayWith()`
- `stringContaining()` (not implemented by default but easy to add now)
We can now write:
```ts
expect(stack).toHaveResourceLike('AWS::S3::BucketPolicy', {
PolicyDocument: {
Statement: arrayWith(objectLike({
Action: arrayWith('s3:GetObject*', 's3:GetBucket*', 's3:List*'),
Principal: {
AWS: {
'Fn::Sub': stringContaining('-deploy-role-')
}
}
}))
}
});
```
And be invariant to things like the order of elements in the arrays,
and default role name qualifiers.
Refactor the old assertions to be epxressed in terms of the new
matchers.
NOTE: Matchers are now functions, which won't translate into
jsii in the future. It will be easy enough to make them single-method
objects in the future when we move this library (or a similar
one to jsii). For now, I did not want to let that impact the design.
----
*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
aws-cdk-automation
added
the
pr/no-squash
eladb
approved these changes
Jun 9, 2020
|
Thank you for contributing! Your pull request will be updated from master and then merged automatically without squashing (do not update manually, and be sure to allow changes to be pushed to your fork). |
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
See CHANGELOG