diff --git a/.changeset/popular-laws-thank.md b/.changeset/popular-laws-thank.md deleted file mode 100644 index 5a41497385..0000000000 --- a/.changeset/popular-laws-thank.md +++ /dev/null @@ -1,15 +0,0 @@ ---- -"@guardian/cdk": patch ---- - -fix(experimental-ec2-pattern): Create Policy first - -When deploying Prism with the `GuEc2AppExperimental` for the first time, the deployment failed with the cloud-init-output logs stating: - -```log -An error occurred (AccessDenied) when calling the DescribeTargetHealth operation: User: arn:aws:sts::000000000000:assumed-role/prism-CODE-InstanceRolePrism/i-0cee86d64de253ca4 is not authorized to perform: elasticloadbalancing:DescribeTargetHealth because no identity-based policy allows the elasticloadbalancing:DescribeTargetHealth action -``` - -This suggests the instance update was started before the policy was created. - -Make the ASG depend on the policy that grants these permissions to resolve, as CloudFormation creates dependencies first. diff --git a/.changeset/sixty-eggs-cheat.md b/.changeset/sixty-eggs-cheat.md deleted file mode 100644 index f1d68eef8a..0000000000 --- a/.changeset/sixty-eggs-cheat.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -"@guardian/cdk": patch ---- - -feat(experimental-ec2-pattern): Tag launch template to improve observability diff --git a/CHANGELOG.md b/CHANGELOG.md index 8a8df7ddeb..e6964bd365 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,23 @@ # @guardian/cdk +## 59.5.2 + +### Patch Changes + +- 1110a11: fix(experimental-ec2-pattern): Create Policy first + + When deploying Prism with the `GuEc2AppExperimental` for the first time, the deployment failed with the cloud-init-output logs stating: + + ```log + An error occurred (AccessDenied) when calling the DescribeTargetHealth operation: User: arn:aws:sts::000000000000:assumed-role/prism-CODE-InstanceRolePrism/i-0cee86d64de253ca4 is not authorized to perform: elasticloadbalancing:DescribeTargetHealth because no identity-based policy allows the elasticloadbalancing:DescribeTargetHealth action + ``` + + This suggests the instance update was started before the policy was created. + + Make the ASG depend on the policy that grants these permissions to resolve, as CloudFormation creates dependencies first. + +- 5add16c: feat(experimental-ec2-pattern): Tag launch template to improve observability + ## 59.5.1 ### Patch Changes diff --git a/package.json b/package.json index 9010344853..f0ba1e04d6 100644 --- a/package.json +++ b/package.json @@ -1,7 +1,7 @@ { "name": "@guardian/cdk", "description": "Generic Guardian flavoured AWS CDK components", - "version": "59.5.1", + "version": "59.5.2", "main": "lib/index.js", "types": "lib/index.d.ts", "files": [