-
Notifications
You must be signed in to change notification settings - Fork 3.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
chore(release): 2.128.0 #29107
chore(release): 2.128.0 #29107
Commits on Feb 10, 2024
-
Configuration menu - View commit details
-
Copy full SHA for 0a84161 - Browse repository at this point
Copy the full SHA 0a84161View commit details
Commits on Feb 11, 2024
-
feat: allow overriding the filename of the processed file after subst…
…itution (#29029) ### Issue # (if applicable) Closes #28450 ### Reason for this change Currently, the filename is automatically generated based on its fingerprint. There's no way to override the resulting filename. ### Description of changes Added an optional `destinationKey` parameter. If this is provided, the construct would use the `destinationKey` when uploading the resulting processed file to S3. If the `destinationKey` is not provided, the current approach would be the default. ### Description of how you validated changes Added a unit test to confirm that the correct filename is being used. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Configuration menu - View commit details
-
Copy full SHA for 88decc6 - Browse repository at this point
Copy the full SHA 88decc6View commit details
Commits on Feb 12, 2024
-
fix(stepfunctions-tasks): missing permissions for running tasks on ecs (
#27891) While working on [#27803](#27803), I noticed the integration tests for `aws-stepfunctions-tasks/ecs` were not fully working (they deployed but the state machines did not run successfully). This PR addresses two issues: 1. Missing permissions for `ecs:RunTask` on the task definition version. <img width="1587" alt="sfn-role" src="https://github.com/aws/aws-cdk/assets/3310356/13a0d402-8cbb-4852-9708-290f3a3b6711"> 2. The sample container was from a Lambda image. This resulted in the following error: `entrypoint requires the handler name to be the first argument`. I changed the image to `docker/library/python:3.12`. These changes result in the successful execution of all four state machines in `aws-stepfunctions-tasks/ecs`. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Configuration menu - View commit details
-
Copy full SHA for 683d595 - Browse repository at this point
Copy the full SHA 683d595View commit details -
fix(lambda): @deprecated tag to deprecated runtimes (#29081)
### Issue # (if applicable) Closes #<issue number here>. ### Reason for this change Updated according to [this document](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html#runtime-support-policy). ### Description of changes ### Description of how you validated changes ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Configuration menu - View commit details
-
Copy full SHA for 2503f68 - Browse repository at this point
Copy the full SHA 2503f68View commit details -
feat(codedeploy): ignoreAlarmConfiguration parameter to Deployment Gr…
…oups (#26957) The alarms on a CodeDeploy group are configurable to be enabled or disabled through the SDK or UI. Bringing in that functionality to the CDK to have parity. The parameter name mirrors the "Ignore alarm configuration" checkbox in the alarm configuration section of the UI. Motivation: Developers are able to disable _rollback_ on alarm, but this leaves deployments in a stopped state should any alarms be active. Including this configuration will align with the expectation that alarms will not block a deployment in lower environments via a flag rather than logic to include/exclude alarms on the deployment group based on environment. I'm sure there are other use cases for disabling the alarm configuration on a deployment group. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Configuration menu - View commit details
-
Copy full SHA for e890e89 - Browse repository at this point
Copy the full SHA e890e89View commit details
Commits on Feb 13, 2024
-
feat(ses):
grant
methods toIEmailIdentity
(#29084)### Issue Closes #29083 ### Reason for this change When granting send email access to a lambda the grant needs to be constructed manually, including constructing the ARN for the identity. e.g. ``` Grant.addToPrincipal({ grantee, actions: ["ses:SendEmail"], resourceArns: [ this.stack.formatArn({ service: 'ses', resource: 'identity', resourceName: 'test@example.com', }), ], scope: this }) ``` This is dissimilar to other constructs, which generally expose a grant method and one or more convenience methods for particularly relevant groups of actions. ### Description of changes Added `grant` and `grantSendEmail` to `IEmailIdentity`, and added a common abstract class, `BaseEmailIdentity` with the relevant grant code. This is to avoid code duplication between the full `EmailIdentity` and the `Import` class. ### Description of how you validated changes Tests added for grants on both new and imported email identities, and a test to validate the `grantSendEmail` method. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Configuration menu - View commit details
-
Copy full SHA for c3c771c - Browse repository at this point
Copy the full SHA c3c771cView commit details -
feat(cloudwatch): add
TableWidget
(#29078)### Issue # (if applicable) closes #28975. ### Reason for this change add support for table widget https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/add_remove_table_dashboard.html ### Description of changes add a new `TableWidget` and its supporting property classes/interfaces ### Description of how you validated changes added both unit/integ tests ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Configuration menu - View commit details
-
Copy full SHA for 4599aa3 - Browse repository at this point
Copy the full SHA 4599aa3View commit details -
feat(pipes-targets): new EventBridge Pipes targets alpha module (#29057)
### Issue # (if applicable) Closes #<issue number here>. ### Reason for this change This PR adds a new alpha module to for EvenBridge pipes targets. This is the base setup for future work and additional targets. ### Description of changes The initial target is the SQS target. ### Description of how you validated changes - [x] Unittests - [x] Integration test ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Configuration menu - View commit details
-
Copy full SHA for 9419f54 - Browse repository at this point
Copy the full SHA 9419f54View commit details -
feat(codepipeline): pipeline type v2 with pipeline-level variables an…
…d triggers (#28538) This PR supports pipeline type v2 with pipeline-level variables and triggers. When referring to a variable in pipeline actions, it must be specified according to the format `#{variables.variableName}`. In order to avoid the need to specify directly in this form, a new class `Variable` with a `reference()` method was created. ```ts const myVariable = new codepipeline.Variable({ variableName: 'bucket-var', description: 'description', defaultValue: 'sample', }); const pipeline = new codepipeline.Pipeline(stack, 'Pipeline', { artifactBucket: sourceBucket, pipelineType: codepipeline.PipelineType.V2, variables: [myVariable], stages: [ { stageName: 'Source', actions: [sourceAction], }, { stageName: 'Deploy', actions: [ new S3DeployAction({ actionName: 'DeployAction', extract: false, // objectKey: '#{variables.bucket-var}.txt', objectKey: `${myVariable.reference()}.txt`, input: sourceOutput, bucket: deployBucket, }), ], }, ], }); ``` - user guide - https://docs.aws.amazon.com/codepipeline/latest/userguide/pipeline-types-planning.html - https://docs.aws.amazon.com/codepipeline/latest/userguide/reference-variables.html#reference-variables-workflow - https://docs.aws.amazon.com/codepipeline/latest/userguide/tutorials-github-tags.html - CloudFormation - https://docs.aws.amazon.com/ja_jp/AWSCloudFormation/latest/UserGuide/aws-resource-codepipeline-pipeline.html - https://docs.aws.amazon.com/ja_jp/AWSCloudFormation/latest/UserGuide/aws-properties-codepipeline-pipeline-variabledeclaration.html - https://docs.aws.amazon.com/ja_jp/AWSCloudFormation/latest/UserGuide/aws-properties-codepipeline-pipeline-pipelinetriggerdeclaration.html Closes #28476 #28694. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Configuration menu - View commit details
-
Copy full SHA for 40ffe2b - Browse repository at this point
Copy the full SHA 40ffe2bView commit details -
feat(scheduler-targets-alpha):
SageMakerStartPipelineExecution
Targ…Configuration menu - View commit details
-
Copy full SHA for db260b0 - Browse repository at this point
Copy the full SHA db260b0View commit details -
feat(pipes-enrichments): new EventBridge Pipes enrichments alpha modu…
…le (#29063) ### Issue # (if applicable) Closes #<issue number here>. ### Reason for this change This PR adds a new alpha module to for EvenBridge pipes enrichments. This is the base setup for future work and additional enrichments. ### Description of changes The initial enrichment is the Lambda enrichment. ### Description of how you validated changes - [x] Unittests - [x] Integration test ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Configuration menu - View commit details
-
Copy full SHA for 5a54ec5 - Browse repository at this point
Copy the full SHA 5a54ec5View commit details -
feat(app-staging-synthesizer-alpha): require passing `stagingBucketEn…
…cryption` and note that we intend to default to `S3_MANAGED` in the future (#28978) ### Issue # (if applicable) Relates to #28815 ### Reason for this change The App Staging Synthesizer is great - I've moved to using it for most of my stacks. However, the current default uses a Customer-Managed KMS key, which costs $1/month. The default synthesizer bucket uses SSE-S3 encryption by default. This is nice because users do not incur additional fees for a KMS key. In my opinion, SSE-S3 is good enough for most people. If folks need additional security, they should opt-in to SSE-KMS, which they can do via the `stagingBucketEncryption` property @msambol introduced with #28903. ### Description of changes With guidance from @kaizencc [below](#28978 (comment)), this PR makes `stagingBucketEncryption` a required property, with a user-facing note that we intend to default to `S3_MANAGED` as the module is stablized. ### Description of how you validated changes Updated unit tests. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) BREAKING CHANGE: `stagingBucketEncryption` property is now required. For existing apps, specify `BucketEncryption.KMS` to retain existing behavior. For new apps, choose the bucket encryption that makes most sense for your use case. `BucketEncryption.S3_MANAGED` is available and is intended to be the default when this module is stabilized. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Configuration menu - View commit details
-
Copy full SHA for fc8b955 - Browse repository at this point
Copy the full SHA fc8b955View commit details -
fix(appconfig): deployment recreated on every cdk deployment (#28782)
Every time I perform a CDK deployment, the logicalId hash of the deployment resource changes and causes the deployment resource to be deleted and recreated. I'm assuming it is because the configuration `content` is part of the hash creation and I am creating the content using `lazy` and at the time of the hash creation it is still a token. Looking at the [CloudFormation docs](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-appconfig-deployment.html) for the deployment resource, a change to _any_ property causes a replacement so I don't think we need to control the recreation logic ourselves, we should just let CloudFormation do the resource replacement for us. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Configuration menu - View commit details
-
Copy full SHA for a21731c - Browse repository at this point
Copy the full SHA a21731cView commit details
Commits on Feb 14, 2024
-
AWS CDK Team committed
Feb 14, 2024 Configuration menu - View commit details
-
Copy full SHA for 4cdb26d - Browse repository at this point
Copy the full SHA 4cdb26dView commit details -
Signed-off-by: Vinayak Kukreja <vinakuk@amazon.com>
Configuration menu - View commit details
-
Copy full SHA for 72262dd - Browse repository at this point
Copy the full SHA 72262ddView commit details