Skip to content

Commit

Permalink
chore(release): 2.31.0 (#21017)
Browse files Browse the repository at this point in the history
  • Loading branch information
mergify[bot] authored Jul 6, 2022
2 parents 1529743 + 446525e commit b67950d
Show file tree
Hide file tree
Showing 461 changed files with 12,646 additions and 2,567 deletions.
7 changes: 7 additions & 0 deletions CHANGELOG.v2.alpha.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,13 @@

All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.

## [2.31.0-alpha.0](https://github.com/aws/aws-cdk/compare/v2.30.0-alpha.0...v2.31.0-alpha.0) (2022-07-06)


### Features

* **batch:** add secrets props to job definition ([#20871](https://github.com/aws/aws-cdk/issues/20871)) ([9b1051f](https://github.com/aws/aws-cdk/commit/9b1051f86abdfa6448b14cdae8e1ef9acb1e6688)), closes [#19506](https://github.com/aws/aws-cdk/issues/19506) [#10976](https://github.com/aws/aws-cdk/issues/10976)

## [2.30.0-alpha.0](https://github.com/aws/aws-cdk/compare/v2.29.1-alpha.0...v2.30.0-alpha.0) (2022-07-01)

## [2.29.1-alpha.0](https://github.com/aws/aws-cdk/compare/v2.29.0-alpha.0...v2.29.1-alpha.0) (2022-06-24)
Expand Down
22 changes: 22 additions & 0 deletions CHANGELOG.v2.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,28 @@

All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.

## [2.31.0](https://github.com/aws/aws-cdk/compare/v2.30.0...v2.31.0) (2022-07-06)


### Features

* **autoscaling:** step scaling policy supports estimatedInstanceWarmup property ([#20936](https://github.com/aws/aws-cdk/issues/20936)) ([e4c7b97](https://github.com/aws/aws-cdk/commit/e4c7b9770573e3c102e4be0c2ba0378a0b2b8767))
* **aws-s3:** create default bucket policy when required (under feature flag) ([#20765](https://github.com/aws/aws-cdk/issues/20765)) ([cefa453](https://github.com/aws/aws-cdk/commit/cefa453bb3f98eb9c3f894c308ae703522de8f22)), closes [/docs.aws.amazon.com/AmazonCloudWatch/latest/logs/AWS-logs-and-resource-policy.html#AWS-logs-infrastructure-S3](https://github.com/aws//docs.aws.amazon.com/AmazonCloudWatch/latest/logs/AWS-logs-and-resource-policy.html/issues/AWS-logs-infrastructure-S3) [#18816](https://github.com/aws/aws-cdk/issues/18816)
* **cfnspec:** cloudformation spec v78.1.0 ([#20952](https://github.com/aws/aws-cdk/issues/20952)) ([20d6e09](https://github.com/aws/aws-cdk/commit/20d6e0980ba9483fb0187a8cf5a256f5b59a7ba8))
* **dynamodb:** imported tables always grant permissions for indexes ([#20682](https://github.com/aws/aws-cdk/issues/20682)) ([4d003a5](https://github.com/aws/aws-cdk/commit/4d003a50ae96a6c2be915edc2f6ca09eeb747fd5)), closes [#13703](https://github.com/aws/aws-cdk/issues/13703)
* **ec2:** add additional instance type classes ([#20972](https://github.com/aws/aws-cdk/issues/20972)) ([400ad91](https://github.com/aws/aws-cdk/commit/400ad91cb926fb0a6d71039f8eba3bb63e7c8ca8)), closes [#20924](https://github.com/aws/aws-cdk/issues/20924)
* **s3:** Event Bridge notification can be enabled after the bucket is created ([#20913](https://github.com/aws/aws-cdk/issues/20913)) ([b0b7a32](https://github.com/aws/aws-cdk/commit/b0b7a3217b1c110bcbe4580addf1ae2865ebfdf5))


### Bug Fixes

* **cli:** standard log messages are sent to stderr when CI=true ([#20957](https://github.com/aws/aws-cdk/issues/20957)) ([277340d](https://github.com/aws/aws-cdk/commit/277340d4a67f81d3b80907e1899001d091780698)), closes [#7717](https://github.com/aws/aws-cdk/issues/7717)
* **cloudfront:** fromOriginAccessIdentityName is a misnomer ([#20772](https://github.com/aws/aws-cdk/issues/20772)) ([3e58e5a](https://github.com/aws/aws-cdk/commit/3e58e5a3c5e12a859e4076b867444980d4b1e8e9)), closes [#20141](https://github.com/aws/aws-cdk/issues/20141)
* **eks:** latest `AlbController` version isn't compatible with the chart version ([#20826](https://github.com/aws/aws-cdk/issues/20826)) ([43a0cec](https://github.com/aws/aws-cdk/commit/43a0cec380f39618f18f15da8c60cb0a4a769d37))
* **route53:** cannot delete existing alias record ([#20858](https://github.com/aws/aws-cdk/issues/20858)) ([22681b1](https://github.com/aws/aws-cdk/commit/22681b1bc29ee48b3092d60cfc22726912ae607a)), closes [#20847](https://github.com/aws/aws-cdk/issues/20847)
* **stepfunctions-tasks:** SqsSendMessage is missing KMS permissions ([#20990](https://github.com/aws/aws-cdk/issues/20990)) ([52b7019](https://github.com/aws/aws-cdk/commit/52b70194c946c3074b0205318564775be10f29a8))
* custom resources log sensitive `ResponseURL` field ([#20899](https://github.com/aws/aws-cdk/issues/20899)) ([6b4f92f](https://github.com/aws/aws-cdk/commit/6b4f92f2437c7ff782c88ce23925a04168728d7c))

## [2.30.0](https://github.com/aws/aws-cdk/compare/v2.29.1...v2.30.0) (2022-07-01)

### Features
Expand Down
5 changes: 5 additions & 0 deletions CONTRIBUTING.md
Original file line number Diff line number Diff line change
Expand Up @@ -329,6 +329,11 @@ $ yarn watch & # runs in the background
[conventionalcommits](https://www.conventionalcommits.org).
* The title must begin with `feat(module): title`, `fix(module): title`, `refactor(module): title` or
`chore(module): title`.
* `feat`: indicates a feature added (requires tests and README updates in principle, but can be suppressed)
* `fix`: indicates a bug fixes (requires tests in principle, but can be suppressed)
* `docs`: indicates updated documentation (docstrings or Markdown files)
* `refactor`: indicates a feature-preserving refactoring
* `chore`: something without directly visible user benefit (does not end up in the CHANGELOG). Typically used for build scripts, config, or changes so minor they don't warrant showing up the CHANGELOG.
* Titles for `feat` and `fix` PRs end up in the change log. Think about what makes most sense for users reading the changelog while writing them.
* `feat`: describe the feature (not the action of creating the commit or PR, for example, avoid words like "added" or "changed")
* `fix`: describe the bug (not the solution)
Expand Down
10 changes: 5 additions & 5 deletions docs/DESIGN_GUIDELINES.md
Original file line number Diff line number Diff line change
Expand Up @@ -126,8 +126,8 @@ The AWS Construct Library, which is shipped as part of the AWS CDK constructs
representing AWS resources.

The AWS Construct Library has multiple layers of constructs, beginning
with low-level constructs, which we call _CFN Resources_ (or L1, short for
"level 1") or CFN Resources (short for CloudFormation). These constructs
with low-level constructs, which we call _CFN Resources_ (short for
CloudFormation resources), or L1 (short for "level 1"). These constructs
directly represent all resources available in AWS CloudFormation. CFN Resources
are periodically generated from the AWS CloudFormation Resource
Specification. They are named **Cfn**_Xyz_, where _Xyz_ is name of the
Expand Down Expand Up @@ -456,7 +456,7 @@ A prop should be *required* only if there is no possible sensible default value
that can be provided *or calculated*.

Sensible defaults have a tremendous impact on the developer experience. They
offer a quick way to get started with minimal cognitive, but do not limit users
offer a quick way to get started with minimal cognitive load, but do not limit users
from harnessing the full power of the resource, and customizing its behavior.

> A good way to determine what's the right sensible default is to refer to the
Expand Down Expand Up @@ -754,10 +754,10 @@ interface IFoo extends IConstruct {
class Foo extends Construct implements IFoo {
public bar() { }

/** @mutating */
@config
public goo() { }

public mutateMe() { } // ERROR! missing "@mutating" or missing on IFoo
public mutateMe() { } // ERROR! missing "@config" or missing on IFoo
}
```
Expand Down
2 changes: 2 additions & 0 deletions packages/@aws-cdk/aws-autoscaling/lib/step-scaling-policy.ts
Original file line number Diff line number Diff line change
Expand Up @@ -108,6 +108,7 @@ export class StepScalingPolicy extends Construct {
this.lowerAction = new StepScalingAction(this, 'LowerPolicy', {
adjustmentType: props.adjustmentType,
cooldown: props.cooldown,
estimatedInstanceWarmup: props.estimatedInstanceWarmup,
metricAggregationType: props.metricAggregationType ?? aggregationTypeFromMetric(props.metric),
minAdjustmentMagnitude: props.minAdjustmentMagnitude,
autoScalingGroup: props.autoScalingGroup,
Expand Down Expand Up @@ -138,6 +139,7 @@ export class StepScalingPolicy extends Construct {
this.upperAction = new StepScalingAction(this, 'UpperPolicy', {
adjustmentType: props.adjustmentType,
cooldown: props.cooldown,
estimatedInstanceWarmup: props.estimatedInstanceWarmup,
metricAggregationType: props.metricAggregationType ?? aggregationTypeFromMetric(props.metric),
minAdjustmentMagnitude: props.minAdjustmentMagnitude,
autoScalingGroup: props.autoScalingGroup,
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,9 @@ describe('AutoScalingGroupRequireImdsv2Aspect', () => {
machineImage: ec2.MachineImage.latestAmazonLinux(),
});
const launchConfig = asg.node.tryFindChild('LaunchConfig') as CfnLaunchConfiguration;
launchConfig.metadataOptions = fakeToken();
launchConfig.metadataOptions = cdk.Token.asAny({
httpEndpoint: 'https://bla.com',
} as CfnLaunchConfiguration.MetadataOptionsProperty);
const aspect = new AutoScalingGroupRequireImdsv2Aspect();

// WHEN
Expand Down Expand Up @@ -61,12 +63,4 @@ describe('AutoScalingGroupRequireImdsv2Aspect', () => {
},
});
});
});

function fakeToken(): cdk.IResolvable {
return {
creationStack: [],
resolve: (_c) => {},
toString: () => '',
};
}
});
2 changes: 2 additions & 0 deletions packages/@aws-cdk/aws-autoscaling/test/scaling.test.ts
Original file line number Diff line number Diff line change
Expand Up @@ -205,6 +205,7 @@ describe('scaling', () => {
namespace: 'Henk',
dimensionsMap: { Mustache: 'Bushy' },
}),
estimatedInstanceWarmup: cdk.Duration.seconds(150),
// Adjust the number of legs to be closer to 2
scalingSteps: [
{ lower: 0, upper: 2, change: +1 },
Expand Down Expand Up @@ -241,6 +242,7 @@ describe('scaling', () => {
Template.fromStack(stack).hasResourceProperties('AWS::AutoScaling::ScalingPolicy', {
MetricAggregationType: 'Average',
PolicyType: 'StepScaling',
EstimatedInstanceWarmup: 150,
StepAdjustments: [
{
MetricIntervalUpperBound: 0,
Expand Down
17 changes: 17 additions & 0 deletions packages/@aws-cdk/aws-batch/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -300,6 +300,23 @@ new batch.JobDefinition(this, 'job-def', {
});
```

### Using the secret on secrets manager

You can set the environment variables from secrets manager.

```ts
const dbSecret = new secretsmanager.Secret(this, 'secret');

new batch.JobDefinition(this, 'batch-job-def-secrets', {
container: {
image: ecs.EcrImage.fromRegistry('docker/whalesay'),
secrets: {
PASSWORD: ecs.Secret.fromSecretsManager(dbSecret, 'password'),
},
},
});
```

### Importing an existing Job Definition

#### From ARN
Expand Down
23 changes: 23 additions & 0 deletions packages/@aws-cdk/aws-batch/lib/job-definition.ts
Original file line number Diff line number Diff line change
Expand Up @@ -112,6 +112,13 @@ export interface JobDefinitionContainer {
*/
readonly environment?: { [key: string]: string };

/**
* The environment variables from secrets manager or ssm parameter store
*
* @default none
*/
readonly secrets?: { [key: string]: ecs.Secret };

/**
* The image used to start a container.
*/
Expand Down Expand Up @@ -453,6 +460,14 @@ export class JobDefinition extends Resource implements IJobDefinition {
platformCapabilities: props.platformCapabilities ?? [PlatformCapabilities.EC2],
});

// add read secrets permission to execution role
if ( props.container.secrets && props.container.executionRole ) {
const executionRole = props.container.executionRole;
Object.values(props.container.secrets).forEach((secret) => {
secret.grantRead(executionRole);
});
}

this.jobDefinitionArn = this.getResourceArnAttribute(jobDef.ref, {
service: 'batch',
resource: 'job-definition',
Expand Down Expand Up @@ -507,6 +522,14 @@ export class JobDefinition extends Resource implements IJobDefinition {
return {
command: container.command,
environment: this.deserializeEnvVariables(container.environment),
secrets: container.secrets
? Object.entries(container.secrets).map(([key, value]) => {
return {
name: key,
valueFrom: value.arn,
};
})
: undefined,
image: this.imageConfig.imageName,
instanceType: container.instanceType && container.instanceType.toString(),
jobRoleArn: container.jobRole && container.jobRole.roleArn,
Expand Down
1 change: 1 addition & 0 deletions packages/@aws-cdk/aws-batch/rosetta/default.ts-fixture
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ import { Stack } from '@aws-cdk/core';
import * as ec2 from '@aws-cdk/aws-ec2';
import * as batch from '@aws-cdk/aws-batch';
import * as ecs from '@aws-cdk/aws-ecs';
import * as secretsmanager from '@aws-cdk/aws-secretsmanager';

class Fixture extends Stack {
constructor(scope: Construct, id: string) {
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
{
"version": "20.0.0",
"files": {
"d3685c79f9ec67f5dd6fda839a136b079f201b3d72695fe0ea3b3788c3471cc8": {
"source": {
"path": "batch-stack.template.json",
"packaging": "file"
},
"destinations": {
"current_account-current_region": {
"bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
"objectKey": "d3685c79f9ec67f5dd6fda839a136b079f201b3d72695fe0ea3b3788c3471cc8.json",
"assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
}
}
}
},
"dockerImages": {}
}
Original file line number Diff line number Diff line change
Expand Up @@ -1365,6 +1365,14 @@
"UpdateReplacePolicy": "Retain",
"DeletionPolicy": "Retain"
},
"batchsecret7CD5E4C6": {
"Type": "AWS::SecretsManager::Secret",
"Properties": {
"GenerateSecretString": {}
},
"UpdateReplacePolicy": "Delete",
"DeletionPolicy": "Delete"
},
"batchjobdeffromecrE0E30DAD": {
"Type": "AWS::Batch::JobDefinition",
"Properties": {
Expand Down Expand Up @@ -1486,6 +1494,32 @@
}
}
},
"executionroleDefaultPolicy497F11A3": {
"Type": "AWS::IAM::Policy",
"Properties": {
"PolicyDocument": {
"Statement": [
{
"Action": [
"secretsmanager:DescribeSecret",
"secretsmanager:GetSecretValue"
],
"Effect": "Allow",
"Resource": {
"Ref": "batchsecret7CD5E4C6"
}
}
],
"Version": "2012-10-17"
},
"PolicyName": "executionroleDefaultPolicy497F11A3",
"Roles": [
{
"Ref": "executionroleD9A39BE6"
}
]
}
},
"batchjobdeffargate7FE30059": {
"Type": "AWS::Batch::JobDefinition",
"Properties": {
Expand All @@ -1509,6 +1543,14 @@
"Type": "MEMORY",
"Value": "512"
}
],
"Secrets": [
{
"Name": "SECRET",
"ValueFrom": {
"Ref": "batchsecret7CD5E4C6"
}
}
]
},
"PlatformCapabilities": [
Expand Down
Original file line number Diff line number Diff line change
@@ -1 +1 @@
{"version":"17.0.0"}
{"version":"20.0.0"}
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
{
"version": "18.0.0",
"version": "20.0.0",
"testCases": {
"aws-batch/test/integ.batch": {
"integ.batch": {
"stacks": [
"batch-stack"
],
Expand Down
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
{
"version": "17.0.0",
"version": "20.0.0",
"artifacts": {
"Tree": {
"type": "cdk:tree",
Expand Down Expand Up @@ -285,6 +285,12 @@
"data": "batchjobrepo4C508C51"
}
],
"/batch-stack/batch-secret/Resource": [
{
"type": "aws:cdk:logicalId",
"data": "batchsecret7CD5E4C6"
}
],
"/batch-stack/batch-job-def-from-ecr/Resource": [
{
"type": "aws:cdk:logicalId",
Expand All @@ -303,6 +309,12 @@
"data": "executionroleD9A39BE6"
}
],
"/batch-stack/execution-role/DefaultPolicy/Resource": [
{
"type": "aws:cdk:logicalId",
"data": "executionroleDefaultPolicy497F11A3"
}
],
"/batch-stack/batch-job-def-fargate/Resource": [
{
"type": "aws:cdk:logicalId",
Expand Down
Loading

0 comments on commit b67950d

Please sign in to comment.