Skip to content

Commit

Permalink
Merge branch 'master' into dzhuneyt/issue-16169
Browse files Browse the repository at this point in the history
  • Loading branch information
mergify[bot] authored Feb 4, 2022
2 parents 9446541 + a1d94b3 commit 76f79c6
Show file tree
Hide file tree
Showing 267 changed files with 4,293 additions and 747 deletions.
28 changes: 28 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,34 @@

All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.

## [1.143.0](https://github.com/aws/aws-cdk/compare/v1.142.0...v1.143.0) (2022-02-02)


### Features

* **amplify:** support performance mode in Branch ([#18598](https://github.com/aws/aws-cdk/issues/18598)) ([bdeb8eb](https://github.com/aws/aws-cdk/commit/bdeb8eb604f5012ce3180d2f6d887fed1834e4f4)), closes [#18557](https://github.com/aws/aws-cdk/issues/18557)
* **cfnspec:** cloudformation spec v54.0.0 ([#18764](https://github.com/aws/aws-cdk/issues/18764)) ([71601c1](https://github.com/aws/aws-cdk/commit/71601c115a6460b4532a34c83100ae70a476fad2))
* **cloudwatch-actions:** add ssm opsitem action for cloudwatch alarm ([#16923](https://github.com/aws/aws-cdk/issues/16923)) ([9380885](https://github.com/aws/aws-cdk/commit/93808851415bff269418f28d9de3c61727e143d3)), closes [#16861](https://github.com/aws/aws-cdk/issues/16861)
* **dynamodb:** allow setting TableClass for a Table ([#18719](https://github.com/aws/aws-cdk/issues/18719)) ([73a889e](https://github.com/aws/aws-cdk/commit/73a889eba85d0aa542ac96a1124f3ae4f1d351bc)), closes [#18718](https://github.com/aws/aws-cdk/issues/18718)
* **ec2:** support KMS keys for block device mappings for both instances and launch templates ([#18326](https://github.com/aws/aws-cdk/issues/18326)) ([17dbe5f](https://github.com/aws/aws-cdk/commit/17dbe5f476ac1ccc0c0e6a0905b0de5ae6186704)), closes [#18309](https://github.com/aws/aws-cdk/issues/18309)
* **ecr:** add server-side encryption configuration ([#16966](https://github.com/aws/aws-cdk/issues/16966)) ([c46acd5](https://github.com/aws/aws-cdk/commit/c46acd5f13442c43d0c2ed339e3091dd46002741)), closes [#15400](https://github.com/aws/aws-cdk/issues/15400) [#15571](https://github.com/aws/aws-cdk/issues/15571)
* **ecs:** expose image name in container definition ([#17793](https://github.com/aws/aws-cdk/issues/17793)) ([1947d7c](https://github.com/aws/aws-cdk/commit/1947d7cc809fda0765bee3dbb2286190ec2847f7))
* **fsx:** add support for FSx Lustre Persistent_2 deployment type ([#18626](https://github.com/aws/aws-cdk/issues/18626)) ([6036d99](https://github.com/aws/aws-cdk/commit/6036d9927bb3607e31a57361bf304976ff1891f7))
* **iot:** add Action to republish MQTT messages to another MQTT topic ([#18661](https://github.com/aws/aws-cdk/issues/18661)) ([7ac1215](https://github.com/aws/aws-cdk/commit/7ac121546776cae972bbfb89c2a11949762e7c47))


### Bug Fixes

* **core:** correctly reference versionless secure parameters ([#18730](https://github.com/aws/aws-cdk/issues/18730)) ([9f6e10e](https://github.com/aws/aws-cdk/commit/9f6e10ed0a751c06fe0cc1d79f38d5fb4b686087)), closes [#18729](https://github.com/aws/aws-cdk/issues/18729)
* **ec2:** `UserData.addSignalOnExitCommand` does not work in combination with `userDataCausesReplacement` ([#18726](https://github.com/aws/aws-cdk/issues/18726)) ([afdc550](https://github.com/aws/aws-cdk/commit/afdc550ee372dd25d9d2eef81a545da1e923f796)), closes [#12749](https://github.com/aws/aws-cdk/issues/12749)
* **vpc:** Vpc.fromLookup should throw if subnet group name tag is explicitly given and does not exist ([#18714](https://github.com/aws/aws-cdk/issues/18714)) ([13e1c7f](https://github.com/aws/aws-cdk/commit/13e1c7f10b81fc350953fe69fcccb61ff5aa9c1e)), closes [#13962](https://github.com/aws/aws-cdk/issues/13962)


### Reverts

* "chore(cloudfront): encryption and enforceSSL on distribution s3 loggingBucket ([#18264](https://github.com/aws/aws-cdk/issues/18264))" ([#18772](https://github.com/aws/aws-cdk/issues/18772)) ([121e4a1](https://github.com/aws/aws-cdk/commit/121e4a1dec13d31644f6176d0a1d703952dc1ba3)), closes [#18271](https://github.com/aws/aws-cdk/issues/18271) [/docs.aws.amazon.com/AmazonCloudWatch/latest/logs/AWS-logs-and-resource-policy.html#AWS-logs-infrastructure-S3](https://github.com/aws//docs.aws.amazon.com/AmazonCloudWatch/latest/logs/AWS-logs-and-resource-policy.html/issues/AWS-logs-infrastructure-S3) [#18676](https://github.com/aws/aws-cdk/issues/18676)
* "chore(ec2): enforceSSL on flowLog s3 bucket ([#18271](https://github.com/aws/aws-cdk/issues/18271))" ([#18770](https://github.com/aws/aws-cdk/issues/18770)) ([a2eb092](https://github.com/aws/aws-cdk/commit/a2eb092b2b468bffa2acde9b98ca34cefa3e48f1)), closes [/docs.aws.amazon.com/AmazonCloudWatch/latest/logs/AWS-logs-and-resource-policy.html#AWS-logs-infrastructure-S3](https://github.com/aws//docs.aws.amazon.com/AmazonCloudWatch/latest/logs/AWS-logs-and-resource-policy.html/issues/AWS-logs-infrastructure-S3) [#18676](https://github.com/aws/aws-cdk/issues/18676)

## [1.142.0](https://github.com/aws/aws-cdk/compare/v1.141.0...v1.142.0) (2022-01-28)


Expand Down
4 changes: 3 additions & 1 deletion packages/@aws-cdk/aws-amplify/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -97,7 +97,9 @@ Add branches:
declare const amplifyApp: amplify.App;

const master = amplifyApp.addBranch('master'); // `id` will be used as repo branch name
const dev = amplifyApp.addBranch('dev');
const dev = amplifyApp.addBranch('dev', {
performanceMode: true, // optional, enables performance mode
});
dev.addEnvironment('STAGE', 'dev');
```

Expand Down
12 changes: 12 additions & 0 deletions packages/@aws-cdk/aws-amplify/lib/branch.ts
Original file line number Diff line number Diff line change
Expand Up @@ -114,6 +114,17 @@ export interface BranchOptions {
* @default - no asset
*/
readonly asset?: Asset

/**
* Enables performance mode for the branch.
*
* Performance mode optimizes for faster hosting performance by keeping content cached at the edge
* for a longer interval. When performance mode is enabled, hosting configuration or code changes
* can take up to 10 minutes to roll out.
*
* @default false
*/
readonly performanceMode?: boolean;
}

/**
Expand Down Expand Up @@ -168,6 +179,7 @@ export class Branch extends Resource implements IBranch {
environmentVariables: Lazy.any({ produce: () => renderEnvironmentVariables(this.environmentVariables) }, { omitEmptyArray: true }),
pullRequestEnvironmentName: props.pullRequestEnvironmentName,
stage: props.stage,
enablePerformanceMode: props.performanceMode,
});

this.arn = branch.attrArn;
Expand Down
12 changes: 12 additions & 0 deletions packages/@aws-cdk/aws-amplify/test/branch.test.ts
Original file line number Diff line number Diff line change
Expand Up @@ -162,3 +162,15 @@ test('with asset deployment', () => {
},
});
});

test('with performance mode', () => {
// WHEN
app.addBranch('dev', {
performanceMode: true,
});

// THEN
Template.fromStack(stack).hasResourceProperties('AWS::Amplify::Branch', {
EnablePerformanceMode: true,
});
});
5 changes: 1 addition & 4 deletions packages/@aws-cdk/aws-cloudfront/lib/distribution.ts
Original file line number Diff line number Diff line change
Expand Up @@ -430,10 +430,7 @@ export class Distribution extends Resource implements IDistribution {
throw new Error('Explicitly disabled logging but provided a logging bucket.');
}

const bucket = props.logBucket ?? new s3.Bucket(this, 'LoggingBucket', {
encryption: s3.BucketEncryption.S3_MANAGED,
enforceSSL: true,
});
const bucket = props.logBucket ?? new s3.Bucket(this, 'LoggingBucket');
return {
bucket: bucket.bucketRegionalDomainName,
includeCookies: props.logIncludesCookies,
Expand Down
5 changes: 1 addition & 4 deletions packages/@aws-cdk/aws-cloudfront/lib/web-distribution.ts
Original file line number Diff line number Diff line change
Expand Up @@ -954,10 +954,7 @@ export class CloudFrontWebDistribution extends cdk.Resource implements IDistribu
}

if (props.loggingConfig) {
this.loggingBucket = props.loggingConfig.bucket || new s3.Bucket(this, 'LoggingBucket', {
encryption: s3.BucketEncryption.S3_MANAGED,
enforceSSL: true,
});
this.loggingBucket = props.loggingConfig.bucket || new s3.Bucket(this, 'LoggingBucket');
distributionConfig = {
...distributionConfig,
logging: {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -75,67 +75,9 @@
},
"AnAmazingWebsiteProbably2LoggingBucket222F7CE9": {
"Type": "AWS::S3::Bucket",
"Properties": {
"BucketEncryption": {
"ServerSideEncryptionConfiguration": [
{
"ServerSideEncryptionByDefault": {
"SSEAlgorithm": "AES256"
}
}
]
}
},
"UpdateReplacePolicy": "Retain",
"DeletionPolicy": "Retain"
},
"AnAmazingWebsiteProbably2LoggingBucketPolicyE298B456": {
"Type": "AWS::S3::BucketPolicy",
"Properties": {
"Bucket": {
"Ref": "AnAmazingWebsiteProbably2LoggingBucket222F7CE9"
},
"PolicyDocument": {
"Statement": [
{
"Action": "s3:*",
"Condition": {
"Bool": {
"aws:SecureTransport": "false"
}
},
"Effect": "Deny",
"Principal": {
"AWS": "*"
},
"Resource": [
{
"Fn::GetAtt": [
"AnAmazingWebsiteProbably2LoggingBucket222F7CE9",
"Arn"
]
},
{
"Fn::Join": [
"",
[
{
"Fn::GetAtt": [
"AnAmazingWebsiteProbably2LoggingBucket222F7CE9",
"Arn"
]
},
"/*"
]
]
}
]
}
],
"Version": "2012-10-17"
}
}
},
"AnAmazingWebsiteProbably2CFDistribution7C1CCD12": {
"Type": "AWS::CloudFront::Distribution",
"Properties": {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -2,67 +2,9 @@
"Resources": {
"MyDistLoggingBucket9B8976BC": {
"Type": "AWS::S3::Bucket",
"Properties": {
"BucketEncryption": {
"ServerSideEncryptionConfiguration": [
{
"ServerSideEncryptionByDefault": {
"SSEAlgorithm": "AES256"
}
}
]
}
},
"UpdateReplacePolicy": "Retain",
"DeletionPolicy": "Retain"
},
"MyDistLoggingBucketPolicy847D8D11": {
"Type": "AWS::S3::BucketPolicy",
"Properties": {
"Bucket": {
"Ref": "MyDistLoggingBucket9B8976BC"
},
"PolicyDocument": {
"Statement": [
{
"Action": "s3:*",
"Condition": {
"Bool": {
"aws:SecureTransport": "false"
}
},
"Effect": "Deny",
"Principal": {
"AWS": "*"
},
"Resource": [
{
"Fn::GetAtt": [
"MyDistLoggingBucket9B8976BC",
"Arn"
]
},
{
"Fn::Join": [
"",
[
{
"Fn::GetAtt": [
"MyDistLoggingBucket9B8976BC",
"Arn"
]
},
"/*"
]
]
}
]
}
],
"Version": "2012-10-17"
}
}
},
"MyDistDB88FD9A": {
"Type": "AWS::CloudFront::Distribution",
"Properties": {
Expand Down
15 changes: 14 additions & 1 deletion packages/@aws-cdk/aws-cloudwatch-actions/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@

This library contains a set of classes which can be used as CloudWatch Alarm actions.

The currently implemented actions are: EC2 Actions, SNS Actions, Autoscaling Actions and Aplication Autoscaling Actions
The currently implemented actions are: EC2 Actions, SNS Actions, SSM OpsCenter Actions, Autoscaling Actions and Application Autoscaling Actions


## EC2 Action Example
Expand All @@ -25,4 +25,17 @@ alarm.addAlarmAction(
);
```

## SSM OpsCenter Action Example

```ts
declare const alarm: cloudwatch.Alarm;
// Create an OpsItem with specific severity and category when alarm triggers
alarm.addAlarmAction(
new actions.SsmAction(
actions.OpsItemSeverity.CRITICAL,
actions.OpsItemCategory.PERFORMANCE // category is optional
)
);
```

See `@aws-cdk/aws-cloudwatch` for more information.
1 change: 1 addition & 0 deletions packages/@aws-cdk/aws-cloudwatch-actions/lib/index.ts
Original file line number Diff line number Diff line change
Expand Up @@ -2,3 +2,4 @@ export * from './appscaling';
export * from './autoscaling';
export * from './sns';
export * from './ec2';
export * from './ssm';
79 changes: 79 additions & 0 deletions packages/@aws-cdk/aws-cloudwatch-actions/lib/ssm.ts
Original file line number Diff line number Diff line change
@@ -0,0 +1,79 @@
import * as cloudwatch from '@aws-cdk/aws-cloudwatch';
import { Stack } from '@aws-cdk/core';

// keep this import separate from other imports to reduce chance for merge conflicts with v2-main
// eslint-disable-next-line no-duplicate-imports, import/order
import { Construct } from '@aws-cdk/core';

/**
* Types of OpsItem severity available
*/
export enum OpsItemSeverity {
/**
* Set the severity to critical
*/
CRITICAL = '1',
/**
* Set the severity to high
*/
HIGH = '2',
/**
* Set the severity to medium
*/
MEDIUM = '3',
/**
* Set the severity to low
*/
LOW = '4'
}

/**
* Types of OpsItem category available
*/
export enum OpsItemCategory {
/**
* Set the category to availability
*/
AVAILABILITY = 'Availability',
/**
* Set the category to cost
*/
COST = 'Cost',
/**
* Set the category to performance
*/
PERFORMANCE = 'Performance',
/**
* Set the category to recovery
*/
RECOVERY = 'Recovery',
/**
* Set the category to security
*/
SECURITY = 'Security'
}

/**
* Use an SSM OpsItem action as an Alarm action
*/
export class SsmAction implements cloudwatch.IAlarmAction {
private severity: OpsItemSeverity;
private category?: OpsItemCategory;

constructor(severity: OpsItemSeverity, category?: OpsItemCategory) {
this.severity = severity;
this.category = category;
}

/**
* Returns an alarm action configuration to use an SSM OpsItem action as an alarm action
*/
bind(_scope: Construct, _alarm: cloudwatch.IAlarm): cloudwatch.AlarmActionConfig {
if (this.category === undefined) {
return { alarmActionArn: `arn:aws:ssm:${Stack.of(_scope).region}:${Stack.of(_scope).account}:opsitem:${this.severity}` };
} else {
return { alarmActionArn: `arn:aws:ssm:${Stack.of(_scope).region}:${Stack.of(_scope).account}:opsitem:${this.severity}#CATEGORY=${this.category}` };
}
}
}

Loading

0 comments on commit 76f79c6

Please sign in to comment.