chore(release): 1.42.0 #8229
Merged
chore(release): 1.42.0 #8229
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Allow for users to set their own log group that CloudTrail must send events to. Expose a log group instance property that returns the user specified or auto-created log group. closes #6162 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…vent sources (#8068) We hard code the SID of the EventBusPolicy that we generate in the account of the target of a cross-account CloudWatch Event rule. Which means that, if you have two sources in different accounts generating events into the same target account, you will get an error on CloudFormation deployment time about a duplicate SID. Include the source account ID when generating the SID to make it unique. Fixes #8010 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
### Commit Message feat(elbv2): Supports new types of listener rule conditions Fixes #3888 ### End Commit Message ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…8129) The error message we currently print when a user has a CLI version that is not compatible with the framework is: ```console Cloud assembly schema version mismatch: Maximum schema version supported is 1.33.0, but found 2.0.0. Please upgrade your CLI in order to interact with this app. ``` This is pretty cryptic, we shouldn't be starting the message with `Cloud Assembly`, as most users aren't really versed in, or even aware of it. In addition, the versions mentioned here are confusing and might give the impression we are asking users to upgrade to CLI version `2.0.0`. This PR simplifies the message to: ``` ❯ cdk synth [14:27:15] The CLI version you are using does not support your application version. Please upgrade the CLI to the latest version. (Your application requires a CLI that supports a cloud assembly of version '2.0.0' or above.) ``` It clearly states what wrongs (CLI version incompatible) and how to fix (upgrade) right of the bat. The tail of the message is an attempt to explain why the CLI does not support the framework. Fixes #7901 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…8127) We did not have a test deploying an old-style synthesized stack to a new-style bootstrapping environment. Now we do. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Co-authored-by: AWS CDK Team <aws-cdk@amazon.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
Motivation: Since the CLI leverages Node.js, it's a useful piece of information about the user's environment. It would be helpful in diagnosing and triaging issues. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Currently the `ServiceAccount`construct creates a role with no conditions to the trust relationship or assume role policy. Without this it is possible for other pods in the same namespace to assume the role. To tighten this security the conditions needs to be set. Documentation: https://docs.aws.amazon.com/eks/latest/userguide/create-service-account-iam-policy-and-role.html#create-service-account-iam-role - [x] Add condition to the policy document using a custom resource - [x] Add unit tests - [x] Add integration tests - [x] Adjust README and remove warning ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
fix(aws-eks): kubectlEnabled: false conflicts with addNodegroup This PR allows `cluster.addNodegroup()` when `kubectlEnabled` is `false` Closes: #7993 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…oles (#8041) ### Commit Message docs(lambda): document adding execution permissions to provided IAM roles If I am providing a Role for a Lambda function, it currently isn't given the basic execution permissions, so the function cannot log anything or, in the case of a VPC Lambda, it cannot create the network interfaces. The user has to add those permissions themselves, but it isn't clear from the documentation that that needs to happen. This commit adds documentation showing CDK users how to add the required permissions for execution. ### End Commit Message ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
added some missing tests for task, custom state, wait state ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…8143) replacement for the current implementation of `RunGlueJob` where service integration and state level properties are merged. Follows the new integration pattern. Notable differences from the `RunGlueJob` implementation: * `arguments` prop is now of type `sfn.TaskInput` Rationale: old implementation precluded using task input as the arguments directly. Added a test for this as well. Updated the README. Note that the other unit tests and integ test have been left verbatim. This is a light sanity test that expected templates have not changed. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
The Pass state supports JsonPath values in the `parameters` field to filter the state input and serve as input to the field. Added a method to render parameters which will generate the ASL JSON format if a path is used in a parameter. Closes #7181 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
We've been accumulating breaking change exceptions. Time to clear them out to make sure no future breakage accidentally slips through. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
….0 (#8135) Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 2.34.0 to 3.0.0. - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v3.0.0/packages/eslint-plugin) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Fixes one issue where the typechecker in 3.9 is stricter when matching type intersections. The particular issue was with a `string`-valued `enum` attempting to match against the `string` type. Added a better typed guard for this particular case fixed it. Additionally, the new incremental build support would cause certain `.json` files to not be `require`-able due to not being listed under `include` in the `tsconfig.json` file generated by `jsii`. Instead of copying the SDK metadata JSON document from the `aws-sdk` package, inlined the data in a `.generated.ts` module, which provides a cleaner type structure. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Fixing a number of small paper cuts in the CLI. Specifically: - When using `--cloudformation-execution-policies` or `--trust`, the positional argument that follows (typically an environment name) would be ignored, because of the way we configure yargs. Make it so that the options takes a single argument, and must be repeated for multiple arguments, making it a lot easier to use. - When a stack fails to create and is destroyed before being redeployed, the `deployStack()` routine would forget that the stack had been deleted and attempt to create a change set to update the stack, which would promptly fail. Remember we deleted the stack, so that we'll create a changeset to create a new one. - When a stack fails to create the first time, and the next deploy uses the same template, the "skip deploy" optimization we introduced to speed up deployment of stacks with nested stacks incorrectly skips the deployment. - Wrap the SDK objects, and when an AWS fails output information about the call that failed. Due to a lack of stack traces in NodeJS, it would otherwise be very hard to figure out where the error was happening. - Using the SDK wrapper, when the error looks like it's an error in assuming a role, replace it with an error message that describes the most probable cause: missing role/failure to bootstrap. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…8186) The validation for `nonKeyAttributes` count on the secondaryt indexes was incorrectly checked at `20`, while the real limit is `100` (it has been raised since the code was initially authored). Fixes #8095 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Not every `e.message` is a `string`, I guess. It turns out it can also be `undefined`? This commit fixes the integ tests. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Bumps [uuid](https://github.com/uuidjs/uuid) from 8.0.0 to 8.1.0. - [Release notes](https://github.com/uuidjs/uuid/releases) - [Changelog](https://github.com/uuidjs/uuid/blob/master/CHANGELOG.md) - [Commits](uuidjs/uuid@v8.0.0...v8.1.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Fix grammar errors from "if **there** the construct is valid." to "if the construct is valid." ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Fix typo ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…8193) Allows to work with imported resources. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
fixes #6984 by creating L2 construct and functions to allow for policies to be assigned to execution roles. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
## Commit Message docs(rds): invalid master username (#5076) ## End Commit Message Fixes the following error that occurs when `username` is set to `admin`: ``` 5/9 | 10:13:25 AM | CREATE_FAILED | AWS::RDS::DBCluster | Database (DatabaseB269D8BB) MasterUsername admin cannot be used as it is a reserved word used by the engine (Service: AmazonRDS; Status Code: 400; Error Code: InvalidParameterValue; Request ID: 0ac76793-...) ```
When two services accounts are added to a single cluster it will throw an error on the resource name. This is because the service account resource name is not unique to the cluster regardless the unique service account name. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
) chore(aws-eks): update README with correct service account syntax `serviceAccountName` should be at `spec.serviceAccountName` and add a CfnOutput sample to demo how to get the IAM role of this service account. My working sample here https://twitter.com/pahudnet/status/1263286407092514817 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
added some more missing tests. now that we have increased coverage, use the base configuration. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
This is because the operations of [`path`](https://nodejs.org/api/path.html) are OS specific. But for the container working directory and inside the container we never want to use Windows style paths. Fixes #8107 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
see CHANGELOG
## Commit Message chore(cloudtrail): better typed event selector apis (#8097) The event selector APIs now take strongly typed `IFunction` and `IBucket` instead of a string that is expected to contain the ARN. Additionally, add APIs to log all S3 data events and to log all Lambda data events. Change the type of `snsTopic` from `string` to `ITopic`. BREAKING CHANGE: API signatures of `addS3EventSelectors` and `addLambdaEventSelectors` have changed. Their parameters are now strongly typed to accept `IBucket` and `IFunction` respectively. * **cloudtrail:** `addS3EventSelectors` and `addLambdaEventSelectors` can no longer be used to configure all S3 data events or all Lambda data events. Two new APIs `logAllS3DataEvents()` and `logAllLambdaDataEvents()` have been introduced to achieve this. * **cloudtrail:** The property `snsTopic` is now of the type `ITopic`. ## End Commit Message ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
aws-cdk-automation
added
the
pr/no-squash
RomainMuller
approved these changes
May 27, 2020
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
|
Thank you for contributing! Your pull request will be updated from master and then merged automatically without squashing (do not update manually, and be sure to allow changes to be pushed to your fork). |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
See CHANGELOG