Merge branch 'main' of github.com:aws/aws-cdk

aws · May 6, 2024 · d209c9a · d209c9a
2 parents c498767 + 8e98078
commit d209c9a
Show file tree

Hide file tree

Showing 167 changed files with 10,605 additions and 10,363 deletions.
diff --git a/CHANGELOG.v2.alpha.md b/CHANGELOG.v2.alpha.md
@@ -2,6 +2,8 @@
 
 All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
 
+## [2.140.0-alpha.0](https://github.com/aws/aws-cdk/compare/v2.139.1-alpha.0...v2.140.0-alpha.0) (2024-05-02)
+
 ## [2.139.1-alpha.0](https://github.com/aws/aws-cdk/compare/v2.139.0-alpha.0...v2.139.1-alpha.0) (2024-04-29)
 
 ## [2.139.0-alpha.0](https://github.com/aws/aws-cdk/compare/v2.138.0-alpha.0...v2.139.0-alpha.0) (2024-04-24)

diff --git a/CHANGELOG.v2.md b/CHANGELOG.v2.md
@@ -2,6 +2,32 @@
 
 All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
 
+## [2.140.0](https://github.com/aws/aws-cdk/compare/v2.139.1...v2.140.0) (2024-05-02)
+
+
+### Features
+
+* update L1 CloudFormation resource definitions ([#30037](https://github.com/aws/aws-cdk/issues/30037)) ([bb7e4d8](https://github.com/aws/aws-cdk/commit/bb7e4d8bffc72adcc4ff9b15328cf54e1b8a79f7))
+* **api-gateway:** deploy RestApi to existing stage ([#29486](https://github.com/aws/aws-cdk/issues/29486)) ([f0835d9](https://github.com/aws/aws-cdk/commit/f0835d937b28172bb06990c042deaede8a88f844)), closes [#25582](https://github.com/aws/aws-cdk/issues/25582)
+* **cloudfront:** add `autoPublish` property to the `Function` ([#30030](https://github.com/aws/aws-cdk/issues/30030)) ([5dd72b8](https://github.com/aws/aws-cdk/commit/5dd72b89f20b1246ad125440e42449acd80c8be7)), closes [#30028](https://github.com/aws/aws-cdk/issues/30028)
+* **codecommit:** `kmsKey` for repository ([#29988](https://github.com/aws/aws-cdk/issues/29988)) ([5f8e52e](https://github.com/aws/aws-cdk/commit/5f8e52e0b0ef40164cdc4fa43229111eb81d6be1))
+* **ec2:** add support for environment files and variables in systemd ([#29629](https://github.com/aws/aws-cdk/issues/29629)) ([90f1aa9](https://github.com/aws/aws-cdk/commit/90f1aa9f1c9b1906953209b032e999fe4fe52bd4))
+* **efs:** allow to specify az for one-zone ([#30010](https://github.com/aws/aws-cdk/issues/30010)) ([cbf130e](https://github.com/aws/aws-cdk/commit/cbf130e90fcf2b32a29addd2014fa5da9f59abb2))
+* allow to register an existing record created manually as an alias ARecord target  ([#29565](https://github.com/aws/aws-cdk/issues/29565)) ([4f8b7db](https://github.com/aws/aws-cdk/commit/4f8b7db99ad35ff3532d6f88e377381ccb43b919)), closes [#23048](https://github.com/aws/aws-cdk/issues/23048)
+* update L1 CloudFormation resource definitions ([#29997](https://github.com/aws/aws-cdk/issues/29997)) ([c949076](https://github.com/aws/aws-cdk/commit/c949076863719eea273bffa3ab45242b79caa99c)), closes [/docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html#aws-resource-ec2](https://github.com/aws//docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html/issues/aws-resource-ec2) [/docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html#aws-resource-ec2](https://github.com/aws//docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html/issues/aws-resource-ec2)
+* **ec2:** ebs optimized instance ([#29962](https://github.com/aws/aws-cdk/issues/29962)) ([767ac65](https://github.com/aws/aws-cdk/commit/767ac6549d65493a5f6e33634865bfe6e826d880))
+* **eks:** add atomic flag for aws-eks Helm Chart ([#29454](https://github.com/aws/aws-cdk/issues/29454)) ([666f24f](https://github.com/aws/aws-cdk/commit/666f24f429c792b0023d9ae133e0449d33a0cc8a)), closes [#22254](https://github.com/aws/aws-cdk/issues/22254)
+* **events:** `fromApiDestinationAttributes` import method ([#29943](https://github.com/aws/aws-cdk/issues/29943)) ([db155e1](https://github.com/aws/aws-cdk/commit/db155e1076723c52031e06df65140b165c405a06)), closes [#29942](https://github.com/aws/aws-cdk/issues/29942)
+* **kms:** key rotation period ([#29928](https://github.com/aws/aws-cdk/issues/29928)) ([a6a5219](https://github.com/aws/aws-cdk/commit/a6a5219c96b8d45c90446b89f419cbdb3c6799ba)), closes [#29927](https://github.com/aws/aws-cdk/issues/29927)
+
+
+### Bug Fixes
+
+* **crossRegionReference:** error message missing stack information ([#29961](https://github.com/aws/aws-cdk/issues/29961)) ([4f1c94b](https://github.com/aws/aws-cdk/commit/4f1c94b27ef7f4ceccea0ff39625c0e8add31c9f)), closes [#29699](https://github.com/aws/aws-cdk/issues/29699) [#29699](https://github.com/aws/aws-cdk/issues/29699)
+* **custom-resources:** fails to use latest SDK version ([#29958](https://github.com/aws/aws-cdk/issues/29958)) ([247aa35](https://github.com/aws/aws-cdk/commit/247aa35676b3b1ead91a56fd00e819c67a9a7285)), closes [#29891](https://github.com/aws/aws-cdk/issues/29891)
+* **stepfunctions:** regex in DistributedMap label is incorrectly escaping characters ([#29765](https://github.com/aws/aws-cdk/issues/29765)) ([7c4eb71](https://github.com/aws/aws-cdk/commit/7c4eb71a981ad90b5186cf88daf152206150df35))
+* cdk diff prints upgrade bootstrap warning even when current version exceeds the recommended version ([#29938](https://github.com/aws/aws-cdk/issues/29938)) ([28b0080](https://github.com/aws/aws-cdk/commit/28b00801a29c68dfb34c506bcbcd8c14da0402d5)), closes [#28888](https://github.com/aws/aws-cdk/issues/28888)
+
 ## [2.139.1](https://github.com/aws/aws-cdk/compare/v2.139.0...v2.139.1) (2024-04-29)
 
 

diff --git a/package.json b/package.json
@@ -20,16 +20,16 @@
     "@types/prettier": "2.6.0",
     "@yarnpkg/lockfile": "^1.1.0",
     "aws-sdk-js-codemod": "^0.28.2",
-    "cdk-generate-synthetic-examples": "^0.2.0",
+    "cdk-generate-synthetic-examples": "^0.2.1",
     "conventional-changelog-cli": "^2.2.2",
     "fs-extra": "^9.1.0",
     "graceful-fs": "^4.2.11",
     "jest-junit": "^13.2.0",
-    "jsii-diff": "1.97.0",
-    "jsii-pacmak": "1.97.0",
-    "jsii-reflect": "1.97.0",
+    "jsii-diff": "1.98.0",
+    "jsii-pacmak": "1.98.0",
+    "jsii-reflect": "1.98.0",
     "lerna": "^8.1.2",
-    "nx": "^18.3.3",
+    "nx": "^18.3.4",
     "patch-package": "^6.5.1",
     "semver": "^7.6.0",
     "standard-version": "^9.5.0",

diff --git a/packages/@aws-cdk-testing/cli-integ/lib/aws.ts b/packages/@aws-cdk-testing/cli-integ/lib/aws.ts
@@ -19,6 +19,7 @@ export class AwsClients {
   public readonly s3: AwsCaller<AWS.S3>;
   public readonly ecr: AwsCaller<AWS.ECR>;
   public readonly ecs: AwsCaller<AWS.ECS>;
+  public readonly sso: AwsCaller<AWS.SSO>;
   public readonly sns: AwsCaller<AWS.SNS>;
   public readonly iam: AwsCaller<AWS.IAM>;
   public readonly lambda: AwsCaller<AWS.Lambda>;
@@ -36,6 +37,7 @@ export class AwsClients {
     this.s3 = makeAwsCaller(AWS.S3, this.config);
     this.ecr = makeAwsCaller(AWS.ECR, this.config);
     this.ecs = makeAwsCaller(AWS.ECS, this.config);
+    this.sso = makeAwsCaller(AWS.SSO, this.config);
     this.sns = makeAwsCaller(AWS.SNS, this.config);
     this.iam = makeAwsCaller(AWS.IAM, this.config);
     this.lambda = makeAwsCaller(AWS.Lambda, this.config);

diff --git a/packages/@aws-cdk-testing/cli-integ/package.json b/packages/@aws-cdk-testing/cli-integ/package.json
@@ -39,7 +39,7 @@
   },
   "dependencies": {
     "@octokit/rest": "^18.12.0",
-    "aws-sdk": "^2.1605.0",
+    "aws-sdk": "^2.1610.0",
     "axios": "^1.6.8",
     "fs-extra": "^9.1.0",
     "glob": "^7.2.3",

diff --git a/packages/@aws-cdk-testing/cli-integ/resources/cdk-apps/app/app.js b/packages/@aws-cdk-testing/cli-integ/resources/cdk-apps/app/app.js
@@ -11,6 +11,7 @@ if (process.env.PACKAGE_LAYOUT_VERSION === '1') {
   var sns = require('@aws-cdk/aws-sns');
   var sqs = require('@aws-cdk/aws-sqs');
   var lambda = require('@aws-cdk/aws-lambda');
+  var sso = require('@aws-cdk/aws-sso');
   var docker = require('@aws-cdk/aws-ecr-assets');
 } else {
   var cdk = require('aws-cdk-lib');
@@ -19,6 +20,7 @@ if (process.env.PACKAGE_LAYOUT_VERSION === '1') {
     LegacyStackSynthesizer,
     aws_ec2: ec2,
     aws_ecs: ecs,
+    aws_sso: sso,
     aws_s3: s3,
     aws_ssm: ssm,
     aws_iam: iam,
@@ -68,6 +70,62 @@ class YourStack extends cdk.Stack {
   }
 }
 
+class SsoPermissionSetNoPolicy extends Stack {
+  constructor(scope, id) {
+    super(scope, id);
+
+    new sso.CfnPermissionSet(this, "permission-set-without-managed-policy", {
+      instanceArn: 'arn:aws:sso:::instance/testvalue',
+      name: 'testName',
+      permissionsBoundary: { customerManagedPolicyReference: { name: 'why', path: '/how/' }},
+     })
+  }
+}
+
+class SsoPermissionSetManagedPolicy extends Stack {
+  constructor(scope, id) {
+    super(scope, id);
+    new sso.CfnPermissionSet(this, "permission-set-with-managed-policy", {
+      managedPolicies: ['arn:aws:iam::aws:policy/administratoraccess'],
+      customerManagedPolicyReferences: [{ name: 'forSSO' }],
+      permissionsBoundary: { managedPolicyArn: 'arn:aws:iam::aws:policy/AdministratorAccess' },
+      instanceArn: 'arn:aws:sso:::instance/testvalue',
+      name: 'niceWork',
+     })
+  }
+}
+
+class SsoAssignment extends Stack {
+  constructor(scope, id) {
+    super(scope, id);
+     new sso.CfnAssignment(this, "assignment", {
+       instanceArn: 'arn:aws:sso:::instance/testvalue',
+       permissionSetArn: 'arn:aws:sso:::testvalue',
+       principalId: '11111111-2222-3333-4444-test',
+       principalType: 'USER',
+       targetId: '111111111111',
+       targetType: 'AWS_ACCOUNT'
+     });
+  }
+}
+
+class SsoInstanceAccessControlConfig extends Stack {
+  constructor(scope, id) {
+    super(scope, id);
+     new sso.CfnInstanceAccessControlAttributeConfiguration(this, 'instanceAccessControlConfig', {
+       instanceArn: 'arn:aws:sso:::instance/testvalue',
+       accessControlAttributes: [
+         { key: 'first', value: { source: ['a'] } },
+         { key: 'second', value: { source: ['b'] } },
+         { key: 'third', value: { source: ['c'] } },
+         { key: 'fourth', value: { source: ['d'] } },
+         { key: 'fifth', value: { source: ['e'] } },
+         { key: 'sixth', value: { source: ['f'] } },
+       ]
+     })
+  }
+}
+
 class ListMultipleDependentStack extends Stack {
   constructor(scope, id) {
     super(scope, id);
@@ -591,6 +649,13 @@ switch (stackSet) {
     new EcsHotswapStack(app, `${stackPrefix}-ecs-hotswap`);
     new DockerStack(app, `${stackPrefix}-docker`);
     new DockerStackWithCustomFile(app, `${stackPrefix}-docker-with-custom-file`);
+
+    // SSO stacks
+    new SsoInstanceAccessControlConfig(app, `${stackPrefix}-sso-access-control`);
+    new SsoAssignment(app, `${stackPrefix}-sso-assignment`);
+    new SsoPermissionSetManagedPolicy(app, `${stackPrefix}-sso-perm-set-with-managed-policy`);
+    new SsoPermissionSetNoPolicy(app, `${stackPrefix}-sso-perm-set-without-managed-policy`);
+
     const failed = new FailedStack(app, `${stackPrefix}-failed`)
 
     // A stack that depends on the failed stack -- used to test that '-e' does not deploy the failing stack