diff --git a/CHANGELOG.v2.alpha.md b/CHANGELOG.v2.alpha.md index be6685a57655e..b273fa1d1a2aa 100644 --- a/CHANGELOG.v2.alpha.md +++ b/CHANGELOG.v2.alpha.md @@ -2,6 +2,8 @@ All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. +## [2.66.1-alpha.0](https://github.com/aws/aws-cdk/compare/v2.66.0-alpha.0...v2.66.1-alpha.0) (2023-02-23) + ## [2.66.0-alpha.0](https://github.com/aws/aws-cdk/compare/v2.65.0-alpha.0...v2.66.0-alpha.0) (2023-02-21) diff --git a/CHANGELOG.v2.md b/CHANGELOG.v2.md index a8548976c3d97..b517ec1dfa68c 100644 --- a/CHANGELOG.v2.md +++ b/CHANGELOG.v2.md @@ -2,6 +2,13 @@ All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. +## [2.66.1](https://github.com/aws/aws-cdk/compare/v2.66.0...v2.66.1) (2023-02-23) + + +### Bug Fixes + +* Correct SamlConsolePrincipal for non-China ([#24277](https://github.com/aws/aws-cdk/issues/24277)) ([d562871](https://github.com/aws/aws-cdk/commit/d562871824350483e80bf6a28868280381e9e83e)), closes [#24243](https://github.com/aws/aws-cdk/issues/24243) + ## [2.66.0](https://github.com/aws/aws-cdk/compare/v2.65.0...v2.66.0) (2023-02-21) diff --git a/packages/@aws-cdk/aws-iam/lib/principals.ts b/packages/@aws-cdk/aws-iam/lib/principals.ts index db6b404cfc6e1..72c7ec400714d 100644 --- a/packages/@aws-cdk/aws-iam/lib/principals.ts +++ b/packages/@aws-cdk/aws-iam/lib/principals.ts @@ -737,7 +737,7 @@ export class SamlConsolePrincipal extends SamlPrincipal { super(samlProvider, { ...conditions, StringEquals: { - 'SAML:aud': cdk.Aws.PARTITION==='aws-cn'? 'https://signin.amazonaws.cn/saml': `https://signin.${cdk.Aws.URL_SUFFIX}/saml`, + 'SAML:aud': cdk.Aws.PARTITION==='aws-cn'? 'https://signin.amazonaws.cn/saml': 'https://signin.aws.amazon.com/saml', }, }); } diff --git a/packages/@aws-cdk/aws-iam/test/integ.saml-provider.js.snapshot/cdk-saml-provider.assets.json b/packages/@aws-cdk/aws-iam/test/integ.saml-provider.js.snapshot/cdk-saml-provider.assets.json index 44e4011015dfe..f3a4aaf5f1862 100644 --- a/packages/@aws-cdk/aws-iam/test/integ.saml-provider.js.snapshot/cdk-saml-provider.assets.json +++ b/packages/@aws-cdk/aws-iam/test/integ.saml-provider.js.snapshot/cdk-saml-provider.assets.json @@ -1,7 +1,7 @@ { "version": "30.0.0", "files": { - "adc0eedec883653ef9cbd8c66ae68791bf952df8f678cf586e78e02997e2674c": { + "3b60cda5eb73f658ff1ab1a242bd0e399cc5307d4d6493cea0171e543c6f1cc8": { "source": { "path": "cdk-saml-provider.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "adc0eedec883653ef9cbd8c66ae68791bf952df8f678cf586e78e02997e2674c.json", + "objectKey": "3b60cda5eb73f658ff1ab1a242bd0e399cc5307d4d6493cea0171e543c6f1cc8.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-iam/test/integ.saml-provider.js.snapshot/cdk-saml-provider.template.json b/packages/@aws-cdk/aws-iam/test/integ.saml-provider.js.snapshot/cdk-saml-provider.template.json index 7ec8d4d2699c0..ed4f4af28415f 100644 --- a/packages/@aws-cdk/aws-iam/test/integ.saml-provider.js.snapshot/cdk-saml-provider.template.json +++ b/packages/@aws-cdk/aws-iam/test/integ.saml-provider.js.snapshot/cdk-saml-provider.template.json @@ -15,18 +15,7 @@ "Action": "sts:AssumeRoleWithSAML", "Condition": { "StringEquals": { - "SAML:aud": { - "Fn::Join": [ - "", - [ - "https://signin.", - { - "Ref": "AWS::URLSuffix" - }, - "/saml" - ] - ] - } + "SAML:aud": "https://signin.aws.amazon.com/saml" } }, "Effect": "Allow", @@ -38,8 +27,7 @@ } ], "Version": "2012-10-17" - }, - "Description": "fix the partition issue" + } } } }, diff --git a/packages/@aws-cdk/aws-iam/test/integ.saml-provider.js.snapshot/manifest.json b/packages/@aws-cdk/aws-iam/test/integ.saml-provider.js.snapshot/manifest.json index 4e8a9d11b6371..ab1469b792e90 100644 --- a/packages/@aws-cdk/aws-iam/test/integ.saml-provider.js.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-iam/test/integ.saml-provider.js.snapshot/manifest.json @@ -17,7 +17,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/adc0eedec883653ef9cbd8c66ae68791bf952df8f678cf586e78e02997e2674c.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/3b60cda5eb73f658ff1ab1a242bd0e399cc5307d4d6493cea0171e543c6f1cc8.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ diff --git a/packages/@aws-cdk/aws-iam/test/integ.saml-provider.js.snapshot/tree.json b/packages/@aws-cdk/aws-iam/test/integ.saml-provider.js.snapshot/tree.json index e6fcd91ade7c9..dbd98dca5b2a3 100644 --- a/packages/@aws-cdk/aws-iam/test/integ.saml-provider.js.snapshot/tree.json +++ b/packages/@aws-cdk/aws-iam/test/integ.saml-provider.js.snapshot/tree.json @@ -56,18 +56,7 @@ "Action": "sts:AssumeRoleWithSAML", "Condition": { "StringEquals": { - "SAML:aud": { - "Fn::Join": [ - "", - [ - "https://signin.", - { - "Ref": "AWS::URLSuffix" - }, - "/saml" - ] - ] - } + "SAML:aud": "https://signin.aws.amazon.com/saml" } }, "Effect": "Allow", @@ -79,8 +68,7 @@ } ], "Version": "2012-10-17" - }, - "description": "fix the partition issue" + } } }, "constructInfo": { @@ -129,7 +117,7 @@ "path": "saml-provider-test/DefaultTest/Default", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.249" + "version": "10.1.252" } }, "DeployAssert": { @@ -175,7 +163,7 @@ "path": "Tree", "constructInfo": { "fqn": "constructs.Construct", - "version": "10.1.249" + "version": "10.1.252" } } }, diff --git a/packages/@aws-cdk/aws-iam/test/integ.saml-provider.ts b/packages/@aws-cdk/aws-iam/test/integ.saml-provider.ts index efaadeffe9e1f..57f35b21d1afd 100644 --- a/packages/@aws-cdk/aws-iam/test/integ.saml-provider.ts +++ b/packages/@aws-cdk/aws-iam/test/integ.saml-provider.ts @@ -1,3 +1,4 @@ +/// !cdk-integ saml* import * as path from 'path'; import { App, Stack, StackProps } from '@aws-cdk/core'; import { IntegTest } from '@aws-cdk/integ-tests'; @@ -14,7 +15,6 @@ class TestStack extends Stack { new iam.Role(this, 'Role', { assumedBy: new iam.SamlConsolePrincipal(provider), - description: 'fix the partition issue', }); } } diff --git a/packages/@aws-cdk/aws-iam/test/principals.test.ts b/packages/@aws-cdk/aws-iam/test/principals.test.ts index 5114a55bf16ac..80e9efe10d5fb 100644 --- a/packages/@aws-cdk/aws-iam/test/principals.test.ts +++ b/packages/@aws-cdk/aws-iam/test/principals.test.ts @@ -166,9 +166,7 @@ test('SAML principal', () => { Action: 'sts:AssumeRoleWithSAML', Condition: { StringEquals: { - 'SAML:aud': { - 'Fn::Join': ['', ['https://signin.', { Ref: 'AWS::URLSuffix' }, '/saml']], - }, + 'SAML:aud': 'https://signin.aws.amazon.com/saml', }, }, Effect: 'Allow', diff --git a/version.v2.json b/version.v2.json index 95ce8e353b069..069c913a7cd3e 100644 --- a/version.v2.json +++ b/version.v2.json @@ -1,4 +1,4 @@ { - "version": "2.66.0", - "alphaVersion": "2.66.0-alpha.0" + "version": "2.66.1", + "alphaVersion": "2.66.1-alpha.0" } \ No newline at end of file