chore(release): 2.128.0 #29107
Merged
chore(release): 2.128.0 #29107
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…itution (#29029) ### Issue # (if applicable) Closes #28450 ### Reason for this change Currently, the filename is automatically generated based on its fingerprint. There's no way to override the resulting filename. ### Description of changes Added an optional `destinationKey` parameter. If this is provided, the construct would use the `destinationKey` when uploading the resulting processed file to S3. If the `destinationKey` is not provided, the current approach would be the default. ### Description of how you validated changes Added a unit test to confirm that the correct filename is being used. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
#27891) While working on [#27803](#27803), I noticed the integration tests for `aws-stepfunctions-tasks/ecs` were not fully working (they deployed but the state machines did not run successfully). This PR addresses two issues: 1. Missing permissions for `ecs:RunTask` on the task definition version. <img width="1587" alt="sfn-role" src="https://github.com/aws/aws-cdk/assets/3310356/13a0d402-8cbb-4852-9708-290f3a3b6711"> 2. The sample container was from a Lambda image. This resulted in the following error: `entrypoint requires the handler name to be the first argument`. I changed the image to `docker/library/python:3.12`. These changes result in the successful execution of all four state machines in `aws-stepfunctions-tasks/ecs`. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
### Issue # (if applicable) Closes #<issue number here>. ### Reason for this change Updated according to [this document](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html#runtime-support-policy). ### Description of changes ### Description of how you validated changes ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…oups (#26957) The alarms on a CodeDeploy group are configurable to be enabled or disabled through the SDK or UI. Bringing in that functionality to the CDK to have parity. The parameter name mirrors the "Ignore alarm configuration" checkbox in the alarm configuration section of the UI. Motivation: Developers are able to disable _rollback_ on alarm, but this leaves deployments in a stopped state should any alarms be active. Including this configuration will align with the expectation that alarms will not block a deployment in lower environments via a flag rather than logic to include/exclude alarms on the deployment group based on environment. I'm sure there are other use cases for disabling the alarm configuration on a deployment group. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
### Issue Closes #29083 ### Reason for this change When granting send email access to a lambda the grant needs to be constructed manually, including constructing the ARN for the identity. e.g. ``` Grant.addToPrincipal({ grantee, actions: ["ses:SendEmail"], resourceArns: [ this.stack.formatArn({ service: 'ses', resource: 'identity', resourceName: '[email protected]', }), ], scope: this }) ``` This is dissimilar to other constructs, which generally expose a grant method and one or more convenience methods for particularly relevant groups of actions. ### Description of changes Added `grant` and `grantSendEmail` to `IEmailIdentity`, and added a common abstract class, `BaseEmailIdentity` with the relevant grant code. This is to avoid code duplication between the full `EmailIdentity` and the `Import` class. ### Description of how you validated changes Tests added for grants on both new and imported email identities, and a test to validate the `grantSendEmail` method. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
### Issue # (if applicable) closes #28975. ### Reason for this change add support for table widget https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/add_remove_table_dashboard.html ### Description of changes add a new `TableWidget` and its supporting property classes/interfaces ### Description of how you validated changes added both unit/integ tests ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
### Issue # (if applicable) Closes #<issue number here>. ### Reason for this change This PR adds a new alpha module to for EvenBridge pipes targets. This is the base setup for future work and additional targets. ### Description of changes The initial target is the SQS target. ### Description of how you validated changes - [x] Unittests - [x] Integration test ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…d triggers (#28538) This PR supports pipeline type v2 with pipeline-level variables and triggers. When referring to a variable in pipeline actions, it must be specified according to the format `#{variables.variableName}`. In order to avoid the need to specify directly in this form, a new class `Variable` with a `reference()` method was created. ```ts const myVariable = new codepipeline.Variable({ variableName: 'bucket-var', description: 'description', defaultValue: 'sample', }); const pipeline = new codepipeline.Pipeline(stack, 'Pipeline', { artifactBucket: sourceBucket, pipelineType: codepipeline.PipelineType.V2, variables: [myVariable], stages: [ { stageName: 'Source', actions: [sourceAction], }, { stageName: 'Deploy', actions: [ new S3DeployAction({ actionName: 'DeployAction', extract: false, // objectKey: '#{variables.bucket-var}.txt', objectKey: `${myVariable.reference()}.txt`, input: sourceOutput, bucket: deployBucket, }), ], }, ], }); ``` - user guide - https://docs.aws.amazon.com/codepipeline/latest/userguide/pipeline-types-planning.html - https://docs.aws.amazon.com/codepipeline/latest/userguide/reference-variables.html#reference-variables-workflow - https://docs.aws.amazon.com/codepipeline/latest/userguide/tutorials-github-tags.html - CloudFormation - https://docs.aws.amazon.com/ja_jp/AWSCloudFormation/latest/UserGuide/aws-resource-codepipeline-pipeline.html - https://docs.aws.amazon.com/ja_jp/AWSCloudFormation/latest/UserGuide/aws-properties-codepipeline-pipeline-variabledeclaration.html - https://docs.aws.amazon.com/ja_jp/AWSCloudFormation/latest/UserGuide/aws-properties-codepipeline-pipeline-pipelinetriggerdeclaration.html Closes #28476 #28694. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…le (#29063) ### Issue # (if applicable) Closes #<issue number here>. ### Reason for this change This PR adds a new alpha module to for EvenBridge pipes enrichments. This is the base setup for future work and additional enrichments. ### Description of changes The initial enrichment is the Lambda enrichment. ### Description of how you validated changes - [x] Unittests - [x] Integration test ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…cryption` and note that we intend to default to `S3_MANAGED` in the future (#28978) ### Issue # (if applicable) Relates to #28815 ### Reason for this change The App Staging Synthesizer is great - I've moved to using it for most of my stacks. However, the current default uses a Customer-Managed KMS key, which costs $1/month. The default synthesizer bucket uses SSE-S3 encryption by default. This is nice because users do not incur additional fees for a KMS key. In my opinion, SSE-S3 is good enough for most people. If folks need additional security, they should opt-in to SSE-KMS, which they can do via the `stagingBucketEncryption` property @msambol introduced with #28903. ### Description of changes With guidance from @kaizencc [below](#28978 (comment)), this PR makes `stagingBucketEncryption` a required property, with a user-facing note that we intend to default to `S3_MANAGED` as the module is stablized. ### Description of how you validated changes Updated unit tests. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) BREAKING CHANGE: `stagingBucketEncryption` property is now required. For existing apps, specify `BucketEncryption.KMS` to retain existing behavior. For new apps, choose the bucket encryption that makes most sense for your use case. `BucketEncryption.S3_MANAGED` is available and is intended to be the default when this module is stabilized. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Every time I perform a CDK deployment, the logicalId hash of the deployment resource changes and causes the deployment resource to be deleted and recreated. I'm assuming it is because the configuration `content` is part of the hash creation and I am creating the content using `lazy` and at the time of the hash creation it is still a token. Looking at the [CloudFormation docs](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-appconfig-deployment.html) for the deployment resource, a change to _any_ property causes a replacement so I don't think we need to control the recreation logic ourselves, we should just let CloudFormation do the resource replacement for us. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
aws-cdk-automation
added
auto-approve
pr/no-squash
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
vinayak-kukreja
added
pr/do-not-merge
kaizencc
reviewed
Feb 14, 2024
CHANGELOG.v2.md
Outdated
|
|
||
| ### Bug Fixes | ||
|
|
||
| * **lambda:** [@deprecated](https://github.com/deprecated) tag to deprecated runtimes ([#29081](https://github.com/aws/aws-cdk/issues/29081)) ([2503f68](https://github.com/aws/aws-cdk/commit/2503f6855b6b0dad73c6fafc51f81f66354e2822)) |
There was a problem hiding this comment.
@vinayak-kukreja can you update the CHANGELOG to not reference the github alias deprecated?
aws-cdk-automation
added
the
pr/needs-community-review
Signed-off-by: Vinayak Kukreja <[email protected]>
vinayak-kukreja
removed
the
pr/do-not-merge
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
|
Thank you for contributing! Your pull request will be automatically updated and merged without squashing (do not update manually, and be sure to allow changes to be pushed to your fork). |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
See CHANGELOG