Skip to content

Commit

Permalink
Update to version v2.1.0
Browse files Browse the repository at this point in the history
  • Loading branch information
@eggoynes
eggoynes committed Nov 16, 2021
1 parent fa19747 commit e568c20
Show file tree
Hide file tree
Showing 6 changed files with 2,727 additions and 32 deletions.
2 changes: 1 addition & 1 deletion .gitignore
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,4 +5,4 @@ dev/
global-s3-assets/
regional-s3-assets/
open-source/
.DS_Store
.DS_Store
8 changes: 8 additions & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,14 @@ All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).

## [2.1.0] - 2021-11-12
### Changed
- Added additional permissions for AWS MediaLive IAM Policy. Now has additional CloudWatch, MediaConnect, and MediaStore access.
- Changed "Start MediaLive Channel" CloudFormation option to no by default. This saves money in the case customer did not want MediaLive to start on launch.

### Fixed
- Add new Permissions to the CloudFormation template that will allow customers to add tags on EML resources.

## [2.0.0] - 2021-9-27
### Added
- Added new section that explains the minimum IAM permissions a AWS IAM user needs to deploy this CloudFormation template.
Expand Down
2 changes: 1 addition & 1 deletion deployment/build-s3-dist.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -105,7 +105,7 @@ for d in `find . -mindepth 1 -maxdepth 1 -type d`; do
cd $fname
rm -rf node_modules/
rm -rf coverage/
npm install --production
npm ci --production
zip -rq ../$fname.zip *
cd ..

Expand Down
38 changes: 34 additions & 4 deletions source/constructs/lib/live-streaming.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ export class LiveStreaming extends cdk.Stack {
/**
* CloudFormation Template Descrption
*/
this.templateOptions.description = 'SO0109 Live Streaming on AWS with MediaStore Solution %%VERSION%%';
this.templateOptions.description = '(SO0109) Live Streaming on AWS with MediaStore Solution %%VERSION%%';
/**
* Cfn Parameters
*/
Expand Down Expand Up @@ -70,7 +70,7 @@ export class LiveStreaming extends cdk.Stack {
const channelStart = new cdk.CfnParameter(this, 'ChannelStart', {
type: 'String',
description: 'If your source is ready to stream select true, this wil start the MediaLive Channel as part of the deployment. If you select false you will need to manually start the MediaLive Channel when your source is ready.',
default: 'Yes',
default: 'No',
allowedValues: ['Yes', 'No']
});
/**
Expand Down Expand Up @@ -202,7 +202,36 @@ export class LiveStreaming extends cdk.Stack {
'ssm:PutParameter'
]
}),

new iam.PolicyStatement({
resources: [`arn:${cdk.Aws.PARTITION}:mediaconnect:${cdk.Aws.REGION}:${cdk.Aws.ACCOUNT_ID}:*`],
actions: [
'mediaconnect:ManagedDescribeFlow',
'mediaconnect:ManagedAddOutput',
'mediaconnect:ManagedRemoveOutput'
]
}),
new iam.PolicyStatement({
resources: [`arn:${cdk.Aws.PARTITION}:ec2:${cdk.Aws.REGION}:${cdk.Aws.ACCOUNT_ID}:*`],
actions: [
'ec2:describeSubnets',
'ec2:describeNetworkInterfaces',
'ec2:createNetworkInterface',
'ec2:createNetworkInterfacePermission',
'ec2:deleteNetworkInterface',
'ec2:deleteNetworkInterfacePermission',
'ec2:describeSecurityGroups'
]
}),
new iam.PolicyStatement({
resources: [`arn:${cdk.Aws.PARTITION}:logs:*:*:*`],
actions: [
'logs:CreateLogGroup',
'logs:CreateLogStream',
'logs:PutLogEvents',
'logs:DescribeLogStreams',
'logs:DescribeLogGroups'
]
}),
]
});
mediaLivePolicy.attachToRole(mediaLiveRole);
Expand Down Expand Up @@ -233,7 +262,8 @@ export class LiveStreaming extends cdk.Stack {
'medialive:deleteInputSecurityGroup',
'medialive:describeChannel',
'medialive:startChannel',
'medialive:tagResource'
'medialive:createTags',
'medialive:deleteTags'
]
}),
new iam.PolicyStatement({
Expand Down
145 changes: 119 additions & 26 deletions source/constructs/test/__snapshots__/live-streaming.test.ts.snap
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

exports[`LiveStreaming Stack Test 1`] = `
Object {
"Description": "SO0109 Live Streaming on AWS with MediaStore Solution %%VERSION%%",
"Description": "(SO0109) Live Streaming on AWS with MediaStore Solution %%VERSION%%",
"Mappings": Object {
"AnonymousData": Object {
"SendAnonymousData": Object {
Expand Down Expand Up @@ -240,24 +240,24 @@ Object {
},
},
"Parameters": Object {
"AssetParameters8ffa6826e66814b93548e6c75394875744880a6c90979aceb79f7e0254a7ea80ArtifactHash97F2D62E": Object {
"Description": "Artifact hash for asset \\"8ffa6826e66814b93548e6c75394875744880a6c90979aceb79f7e0254a7ea80\\"",
"AssetParameterse29d21d34295c066e6559c80215d2a28944b80ecee2ba73885a445b12aa20d09ArtifactHash5976759E": Object {
"Description": "Artifact hash for asset \\"e29d21d34295c066e6559c80215d2a28944b80ecee2ba73885a445b12aa20d09\\"",
"Type": "String",
},
"AssetParameters8ffa6826e66814b93548e6c75394875744880a6c90979aceb79f7e0254a7ea80S3Bucket9C1490D7": Object {
"Description": "S3 bucket for asset \\"8ffa6826e66814b93548e6c75394875744880a6c90979aceb79f7e0254a7ea80\\"",
"AssetParameterse29d21d34295c066e6559c80215d2a28944b80ecee2ba73885a445b12aa20d09S3BucketD49D65F8": Object {
"Description": "S3 bucket for asset \\"e29d21d34295c066e6559c80215d2a28944b80ecee2ba73885a445b12aa20d09\\"",
"Type": "String",
},
"AssetParameters8ffa6826e66814b93548e6c75394875744880a6c90979aceb79f7e0254a7ea80S3VersionKey1FADC5E4": Object {
"Description": "S3 key for asset version \\"8ffa6826e66814b93548e6c75394875744880a6c90979aceb79f7e0254a7ea80\\"",
"AssetParameterse29d21d34295c066e6559c80215d2a28944b80ecee2ba73885a445b12aa20d09S3VersionKeyCF53DBA2": Object {
"Description": "S3 key for asset version \\"e29d21d34295c066e6559c80215d2a28944b80ecee2ba73885a445b12aa20d09\\"",
"Type": "String",
},
"ChannelStart": Object {
"AllowedValues": Array [
"Yes",
"No",
],
"Default": "Yes",
"Default": "No",
"Description": "If your source is ready to stream select true, this wil start the MediaLive Channel as part of the deployment. If you select false you will need to manually start the MediaLive Channel when your source is ready.",
"Type": "String",
},
Expand Down Expand Up @@ -599,21 +599,31 @@ Object {
},
},
"Effect": "Deny",
"Principal": "*",
"Resource": Object {
"Fn::Join": Array [
"",
Array [
Object {
"Fn::GetAtt": Array [
"CloudFrontToMediaStoreCloudfrontLoggingBucketDF6F6E4B",
"Arn",
],
},
"/*",
],
],
"Principal": Object {
"AWS": "*",
},
"Resource": Array [
Object {
"Fn::Join": Array [
"",
Array [
Object {
"Fn::GetAtt": Array [
"CloudFrontToMediaStoreCloudfrontLoggingBucketDF6F6E4B",
"Arn",
],
},
"/*",
],
],
},
Object {
"Fn::GetAtt": Array [
"CloudFrontToMediaStoreCloudfrontLoggingBucketDF6F6E4B",
"Arn",
],
},
],
"Sid": "HttpsOnly",
},
],
Expand Down Expand Up @@ -745,7 +755,7 @@ Object {
"Properties": Object {
"Code": Object {
"S3Bucket": Object {
"Ref": "AssetParameters8ffa6826e66814b93548e6c75394875744880a6c90979aceb79f7e0254a7ea80S3Bucket9C1490D7",
"Ref": "AssetParameterse29d21d34295c066e6559c80215d2a28944b80ecee2ba73885a445b12aa20d09S3BucketD49D65F8",
},
"S3Key": Object {
"Fn::Join": Array [
Expand All @@ -758,7 +768,7 @@ Object {
"Fn::Split": Array [
"||",
Object {
"Ref": "AssetParameters8ffa6826e66814b93548e6c75394875744880a6c90979aceb79f7e0254a7ea80S3VersionKey1FADC5E4",
"Ref": "AssetParameterse29d21d34295c066e6559c80215d2a28944b80ecee2ba73885a445b12aa20d09S3VersionKeyCF53DBA2",
},
],
},
Expand All @@ -771,7 +781,7 @@ Object {
"Fn::Split": Array [
"||",
Object {
"Ref": "AssetParameters8ffa6826e66814b93548e6c75394875744880a6c90979aceb79f7e0254a7ea80S3VersionKey1FADC5E4",
"Ref": "AssetParameterse29d21d34295c066e6559c80215d2a28944b80ecee2ba73885a445b12aa20d09S3VersionKeyCF53DBA2",
},
],
},
Expand Down Expand Up @@ -816,7 +826,8 @@ Object {
"medialive:deleteInputSecurityGroup",
"medialive:describeChannel",
"medialive:startChannel",
"medialive:tagResource",
"medialive:createTags",
"medialive:deleteTags",
],
"Effect": "Allow",
"Resource": Object {
Expand Down Expand Up @@ -1217,6 +1228,88 @@ Object {
],
},
},
Object {
"Action": Array [
"mediaconnect:ManagedDescribeFlow",
"mediaconnect:ManagedAddOutput",
"mediaconnect:ManagedRemoveOutput",
],
"Effect": "Allow",
"Resource": Object {
"Fn::Join": Array [
"",
Array [
"arn:",
Object {
"Ref": "AWS::Partition",
},
":mediaconnect:",
Object {
"Ref": "AWS::Region",
},
":",
Object {
"Ref": "AWS::AccountId",
},
":*",
],
],
},
},
Object {
"Action": Array [
"ec2:describeSubnets",
"ec2:describeNetworkInterfaces",
"ec2:createNetworkInterface",
"ec2:createNetworkInterfacePermission",
"ec2:deleteNetworkInterface",
"ec2:deleteNetworkInterfacePermission",
"ec2:describeSecurityGroups",
],
"Effect": "Allow",
"Resource": Object {
"Fn::Join": Array [
"",
Array [
"arn:",
Object {
"Ref": "AWS::Partition",
},
":ec2:",
Object {
"Ref": "AWS::Region",
},
":",
Object {
"Ref": "AWS::AccountId",
},
":*",
],
],
},
},
Object {
"Action": Array [
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents",
"logs:DescribeLogStreams",
"logs:DescribeLogGroups",
],
"Effect": "Allow",
"Resource": Object {
"Fn::Join": Array [
"",
Array [
"arn:",
Object {
"Ref": "AWS::Partition",
},
":logs:*:*:*",
],
],
},
},
],
"Version": "2012-10-17",
},
Expand Down
Loading

0 comments on commit e568c20

Please sign in to comment.