Skip to content

Commit

Permalink
Merge branch 'aws:mainline' into demo_branch
Browse files Browse the repository at this point in the history
  • Loading branch information
@Varun359
Varun359 authored Jun 15, 2023
2 parents 7c4574f + 4ef0a6f commit c21a452
Show file tree
Hide file tree
Showing 14 changed files with 287 additions and 5 deletions.
2 changes: 1 addition & 1 deletion .release/buildspec_e2e.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -231,7 +231,7 @@ batch:
APP_REGION: eu-central-1
APP_ACCOUNT: e2e/account/static_site
TESTENV_REGION: eu-central-1
TEST_ACCOUNT: e2e/account/static_site
TESTENV_ACCOUNT: e2e/account/static_site

phases:
install:
Expand Down
2 changes: 1 addition & 1 deletion e2e/apprunner/apprunner_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -240,7 +240,7 @@ var _ = Describe("App Runner", Ordered, func() {
Since: "1h",
})
return svcLogs, svcLogsErr
}, "120s", "10s").ShouldNot(BeEmpty())
}, "300s", "10s").ShouldNot(BeEmpty())

for _, logLine := range svcLogs {
Expect(logLine.Message).NotTo(Equal(""))
Expand Down
2 changes: 2 additions & 0 deletions e2e/isolated/isolated_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -215,6 +215,8 @@ var _ = Describe("Isolated", func() {
// Use custom SSM plugin as the public version is not compatible to Alpine Linux.
err := client.BashExec("chmod +x ./session-manager-plugin")
Expect(err).NotTo(HaveOccurred())
err = client.BashExec("mv ./session-manager-plugin /bin/session-manager-plugin")
Expect(err).NotTo(HaveOccurred())
})
It("is reachable", func() {
_, svcExecErr := cli.SvcExec(&client.SvcExecRequest{
Expand Down
35 changes: 35 additions & 0 deletions ...al/pkg/deploy/cloudformation/stack/testdata/environments/template-with-basic-manifest.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1023,6 +1023,41 @@ Resources:
SubnetIds:
- !Ref PrivateSubnet1
- !Ref PrivateSubnet2
LogResourcePolicy:
Metadata:
'aws:copilot:description': 'A resource policy to allow AWS services to create log streams for your workloads.'
Type: AWS::Logs::ResourcePolicy
Properties:
PolicyName: !Sub '${AppName}-${EnvName}-LogResourcePolicy'
PolicyDocument:
Fn::Sub: |
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "StateMachineToCloudWatchLogs",
"Effect": "Allow",
"Principal": {
"Service": ["delivery.logs.amazonaws.com"]
},
"Action": [
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Resource": [
"arn:${AWS::Partition}:logs:${AWS::Region}:${AWS::AccountId}:log-group:/copilot/${AppName}-${EnvName}-*:log-stream:*"
],
"Condition": {
"StringEquals": {
"aws:SourceAccount": "${AWS::AccountId}"
},
"ArnLike": {
"aws:SourceArn": "arn:${AWS::Partition}:logs:${AWS::Region}:${AWS::AccountId}:*"
}
}
}
]
}
Outputs:
VpcId:
Value: !Ref VPC
Expand Down
35 changes: 35 additions & 0 deletions ...loy/cloudformation/stack/testdata/environments/template-with-cloudfront-observability.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1071,6 +1071,41 @@ Resources:
SubnetIds:
- !Ref PrivateSubnet1
- !Ref PrivateSubnet2
LogResourcePolicy:
Metadata:
'aws:copilot:description': 'A resource policy to allow AWS services to create log streams for your workloads.'
Type: AWS::Logs::ResourcePolicy
Properties:
PolicyName: !Sub '${AppName}-${EnvName}-LogResourcePolicy'
PolicyDocument:
Fn::Sub: |
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "StateMachineToCloudWatchLogs",
"Effect": "Allow",
"Principal": {
"Service": ["delivery.logs.amazonaws.com"]
},
"Action": [
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Resource": [
"arn:${AWS::Partition}:logs:${AWS::Region}:${AWS::AccountId}:log-group:/copilot/${AppName}-${EnvName}-*:log-stream:*"
],
"Condition": {
"StringEquals": {
"aws:SourceAccount": "${AWS::AccountId}"
},
"ArnLike": {
"aws:SourceArn": "arn:${AWS::Partition}:logs:${AWS::Region}:${AWS::AccountId}:*"
}
}
}
]
}
Outputs:
VpcId:
Value: !Ref VPC
Expand Down
35 changes: 35 additions & 0 deletions ...deploy/cloudformation/stack/testdata/environments/template-with-custom-security-group.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -944,6 +944,41 @@ Resources:
SubnetIds:
- !Ref PrivateSubnet1
- !Ref PrivateSubnet2
LogResourcePolicy:
Metadata:
'aws:copilot:description': 'A resource policy to allow AWS services to create log streams for your workloads.'
Type: AWS::Logs::ResourcePolicy
Properties:
PolicyName: !Sub '${AppName}-${EnvName}-LogResourcePolicy'
PolicyDocument:
Fn::Sub: |
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "StateMachineToCloudWatchLogs",
"Effect": "Allow",
"Principal": {
"Service": ["delivery.logs.amazonaws.com"]
},
"Action": [
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Resource": [
"arn:${AWS::Partition}:logs:${AWS::Region}:${AWS::AccountId}:log-group:/copilot/${AppName}-${EnvName}-*:log-stream:*"
],
"Condition": {
"StringEquals": {
"aws:SourceAccount": "${AWS::AccountId}"
},
"ArnLike": {
"aws:SourceArn": "arn:${AWS::Partition}:logs:${AWS::Region}:${AWS::AccountId}:*"
}
}
}
]
}
Outputs:
VpcId:
Value: !Ref VPC
Expand Down
35 changes: 35 additions & 0 deletions ...oy/cloudformation/stack/testdata/environments/template-with-default-access-log-config.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1122,6 +1122,41 @@ Resources:
SubnetIds:
- !Ref PrivateSubnet1
- !Ref PrivateSubnet2
LogResourcePolicy:
Metadata:
'aws:copilot:description': 'A resource policy to allow AWS services to create log streams for your workloads.'
Type: AWS::Logs::ResourcePolicy
Properties:
PolicyName: !Sub '${AppName}-${EnvName}-LogResourcePolicy'
PolicyDocument:
Fn::Sub: |
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "StateMachineToCloudWatchLogs",
"Effect": "Allow",
"Principal": {
"Service": ["delivery.logs.amazonaws.com"]
},
"Action": [
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Resource": [
"arn:${AWS::Partition}:logs:${AWS::Region}:${AWS::AccountId}:log-group:/copilot/${AppName}-${EnvName}-*:log-stream:*"
],
"Condition": {
"StringEquals": {
"aws:SourceAccount": "${AWS::AccountId}"
},
"ArnLike": {
"aws:SourceArn": "arn:${AWS::Partition}:logs:${AWS::Region}:${AWS::AccountId}:*"
}
}
}
]
}
Outputs:
VpcId:
Value: !Ref VPC
Expand Down
35 changes: 35 additions & 0 deletions ...g/deploy/cloudformation/stack/testdata/environments/template-with-defaultvpc-flowlogs.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1079,6 +1079,41 @@ Resources:
SubnetIds:
- !Ref PrivateSubnet1
- !Ref PrivateSubnet2
LogResourcePolicy:
Metadata:
'aws:copilot:description': 'A resource policy to allow AWS services to create log streams for your workloads.'
Type: AWS::Logs::ResourcePolicy
Properties:
PolicyName: !Sub '${AppName}-${EnvName}-LogResourcePolicy'
PolicyDocument:
Fn::Sub: |
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "StateMachineToCloudWatchLogs",
"Effect": "Allow",
"Principal": {
"Service": ["delivery.logs.amazonaws.com"]
},
"Action": [
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Resource": [
"arn:${AWS::Partition}:logs:${AWS::Region}:${AWS::AccountId}:log-group:/copilot/${AppName}-${EnvName}-*:log-stream:*"
],
"Condition": {
"StringEquals": {
"aws:SourceAccount": "${AWS::AccountId}"
},
"ArnLike": {
"aws:SourceArn": "arn:${AWS::Partition}:logs:${AWS::Region}:${AWS::AccountId}:*"
}
}
}
]
}
Outputs:
VpcId:
Value: !Ref VPC
Expand Down
35 changes: 35 additions & 0 deletions ...tdata/environments/template-with-imported-certs-sslpolicy-custom-empty-security-group.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -921,6 +921,41 @@ Resources:
SubnetIds:
- !Ref PrivateSubnet1
- !Ref PrivateSubnet2
LogResourcePolicy:
Metadata:
'aws:copilot:description': 'A resource policy to allow AWS services to create log streams for your workloads.'
Type: AWS::Logs::ResourcePolicy
Properties:
PolicyName: !Sub '${AppName}-${EnvName}-LogResourcePolicy'
PolicyDocument:
Fn::Sub: |
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "StateMachineToCloudWatchLogs",
"Effect": "Allow",
"Principal": {
"Service": ["delivery.logs.amazonaws.com"]
},
"Action": [
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Resource": [
"arn:${AWS::Partition}:logs:${AWS::Region}:${AWS::AccountId}:log-group:/copilot/${AppName}-${EnvName}-*:log-stream:*"
],
"Condition": {
"StringEquals": {
"aws:SourceAccount": "${AWS::AccountId}"
},
"ArnLike": {
"aws:SourceArn": "arn:${AWS::Partition}:logs:${AWS::Region}:${AWS::AccountId}:*"
}
}
}
]
}
Outputs:
VpcId:
Value: !Ref VPC
Expand Down
35 changes: 35 additions & 0 deletions .../deploy/cloudformation/stack/testdata/environments/template-with-importedvpc-flowlogs.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -873,6 +873,41 @@ Resources:
- logs:DescribeLogGroups
- logs:DescribeLogStreams
Resource: "*"
LogResourcePolicy:
Metadata:
'aws:copilot:description': 'A resource policy to allow AWS services to create log streams for your workloads.'
Type: AWS::Logs::ResourcePolicy
Properties:
PolicyName: !Sub '${AppName}-${EnvName}-LogResourcePolicy'
PolicyDocument:
Fn::Sub: |
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "StateMachineToCloudWatchLogs",
"Effect": "Allow",
"Principal": {
"Service": ["delivery.logs.amazonaws.com"]
},
"Action": [
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Resource": [
"arn:${AWS::Partition}:logs:${AWS::Region}:${AWS::AccountId}:log-group:/copilot/${AppName}-${EnvName}-*:log-stream:*"
],
"Condition": {
"StringEquals": {
"aws:SourceAccount": "${AWS::AccountId}"
},
"ArnLike": {
"aws:SourceArn": "arn:${AWS::Partition}:logs:${AWS::Region}:${AWS::AccountId}:*"
}
}
}
]
}
Outputs:
VpcId:
Value: vpc-12345
Expand Down
2 changes: 1 addition & 1 deletion internal/pkg/deploy/env.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ const (
// LegacyEnvTemplateVersion is the version associated with the environment template before we started versioning.
LegacyEnvTemplateVersion = "v0.0.0"
// LatestEnvTemplateVersion is the latest version number available for environment templates.
LatestEnvTemplateVersion = "v1.13.0"
LatestEnvTemplateVersion = "v1.14.0"
// EnvTemplateVersionBootstrap is the version of an environment template that contains only bootstrap resources.
EnvTemplateVersionBootstrap = "bootstrap"
)
Expand Down
36 changes: 35 additions & 1 deletion internal/pkg/template/templates/environment/cf.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -660,7 +660,41 @@ Resources:
{{- end}}
TemplateURL: {{.Addons.URL}}
{{- end }}

LogResourcePolicy:
Metadata:
'aws:copilot:description': 'A resource policy to allow AWS services to create log streams for your workloads.'
Type: AWS::Logs::ResourcePolicy
Properties:
PolicyName: !Sub '${AppName}-${EnvName}-LogResourcePolicy'
PolicyDocument:
Fn::Sub: |
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "StateMachineToCloudWatchLogs",
"Effect": "Allow",
"Principal": {
"Service": ["delivery.logs.amazonaws.com"]
},
"Action": [
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Resource": [
"arn:${AWS::Partition}:logs:${AWS::Region}:${AWS::AccountId}:log-group:/copilot/${AppName}-${EnvName}-*:log-stream:*"
],
"Condition": {
"StringEquals": {
"aws:SourceAccount": "${AWS::AccountId}"
},
"ArnLike": {
"aws:SourceArn": "arn:${AWS::Partition}:logs:${AWS::Region}:${AWS::AccountId}:*"
}
}
}
]
}
Outputs:
VpcId:
{{- if .VPCConfig.Imported}}
Expand Down
2 changes: 1 addition & 1 deletion internal/pkg/template/templates/environment/partials/environment-manager-role.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -297,4 +297,4 @@ EnvironmentManagerRole:
- 'cloudformation:DescribeStacks'
- 'cloudformation:DeleteStack'
Resource:
- !Sub 'arn:${AWS::Partition}:cloudformation:${AWS::Region}:${AWS::AccountId}:stack/${AWS::StackName}/*'
- !Sub 'arn:${AWS::Partition}:cloudformation:${AWS::Region}:${AWS::AccountId}:stack/${AWS::StackName}/*'
1 change: 1 addition & 0 deletions site/content/community/guides.en.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ Share your applications, videos, and blog posts with fellow Copilots!

| Title | Description |
|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------|
|[**Scalable Cloud inference endpoint using ONNX and AWS Fargate**](https://awstip.com/scalable-cloud-inference-endpoint-using-onnx-and-aws-fargate-20e142d14bb2) by <a href="https://ryfeus.medium.com/about">Rustem Feyzkhanov</a> | Machine Learning engineer Rustem Feyzkhanov couples the ease of Copilot with the flexibility of the Open Neural Network Exchange (ONNX) AI framework. |
| [**Implementing a pub/sub architecture with AWS Copilot**](https://aws.amazon.com/blogs/containers/implementing-a-pub-sub-architecture-with-aws-copilot/) by Rafael Mosca | AWS Territory Solutions Architect Rafael Mosca leverages Copilot to quickly and easily implement the pub-sub architecture of a sample e-commerce platform. Clear steps and diagrams make concepts easy to learn. |
| [**Using Copilot to Deploy, Manage, and Secure Apps on ECS**](https://christophef.medium.com/using-copilot-to-deploy-manage-and-secure-apps-on-ecs-4b581e087c93) by <a href="https://christophef.medium.com/">@christophef</a> | Christophe demonstrates how to deploy, manage, and secure your apps in AWS ECS and how favorable it is for most software companies that want to concentrate on building amazing apps and don’t want to spend time managing clusters, pipelines, etc. |
| [**Deploy Containers using AWS Copilot**](https://awstip.com/deploy-containers-using-aws-copilot-2213e1a81f90) by <a href="https://piumsudhara.medium.com/">@piumsudhara</a> | Piumsudhara takes you through detailed steps for building and deploying containerized applications using AWS Copilot. |
Expand Down

0 comments on commit c21a452

Please sign in to comment.