Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(stepfunctions): add support for EncryptionConfiguration #30959

Merged
merged 47 commits into from
Sep 20, 2024
Merged

feat(stepfunctions): add support for EncryptionConfiguration #30959

merged 47 commits into from
Sep 20, 2024

Commits on Jul 15, 2024

  1. Basic implementation for EncryptionConfiguration

    Vaid Saraswat committed Jul 15, 2024
    Configuration menu
    Copy the full SHA
    3e29f48 View commit details
    Browse the repository at this point in the history

Commits on Jul 18, 2024

  1. Merge branch 'aws:main' into main

    @VaidSaraswat
    VaidSaraswat authored Jul 18, 2024
    Configuration menu
    Copy the full SHA
    4d63917 View commit details
    Browse the repository at this point in the history

Commits on Jul 26, 2024

  1. Merge branch 'aws:main' into main

    @VaidSaraswat
    VaidSaraswat authored Jul 26, 2024
    Configuration menu
    Copy the full SHA
    f9b5d7a View commit details
    Browse the repository at this point in the history

Commits on Aug 8, 2024

  1. Adding support for KMS in StateMachine and Activity resources

    Vaid Saraswat committed Aug 8, 2024
    Configuration menu
    Copy the full SHA
    971290d View commit details
    Browse the repository at this point in the history

  2. Update packages/aws-cdk-lib/aws-stepfunctions/lib/state-machine.ts 

    Co-authored-by: Adam Wong <55506708+wong-a@users.noreply.github.com>
    @VaidSaraswat @wong-a
    VaidSaraswat and wong-a authored Aug 8, 2024
    Configuration menu
    Copy the full SHA
    a44a3e0 View commit details
    Browse the repository at this point in the history

  3. Update packages/aws-cdk-lib/aws-stepfunctions/lib/state-machine.ts 

    Co-authored-by: Adam Wong <55506708+wong-a@users.noreply.github.com>
    @VaidSaraswat @wong-a
    VaidSaraswat and wong-a authored Aug 8, 2024
    Configuration menu
    Copy the full SHA
    ec8865a View commit details
    Browse the repository at this point in the history

  4. Update packages/aws-cdk-lib/aws-stepfunctions/lib/state-machine.ts 

    Co-authored-by: Adam Wong <55506708+wong-a@users.noreply.github.com>
    @VaidSaraswat @wong-a
    VaidSaraswat and wong-a authored Aug 8, 2024
    Configuration menu
    Copy the full SHA
    c1d25e9 View commit details
    Browse the repository at this point in the history

Commits on Aug 9, 2024

  1. Addressing second round of feedback

    Vaid Saraswat committed Aug 9, 2024
    Configuration menu
    Copy the full SHA
    61b69e1 View commit details
    Browse the repository at this point in the history

  2. Removed redunant optional chaining and created encryptionConfiguratio… 

    …n constructor method
    Vaid Saraswat committed Aug 9, 2024
    Configuration menu
    Copy the full SHA
    25521c4 View commit details
    Browse the repository at this point in the history

  3. Adding integrations key policy & non-null assertion for kms key in util

    Vaid Saraswat committed Aug 9, 2024
    Configuration menu
    Copy the full SHA
    2373d5a View commit details
    Browse the repository at this point in the history

Commits on Aug 11, 2024

  1. Removing condition from KMS key policy for CWL encryption

    Vaid Saraswat committed Aug 11, 2024
    Configuration menu
    Copy the full SHA
    8d605fe View commit details
    Browse the repository at this point in the history

  2. Updating CWL encryption example to provide KMS key as prop

    Vaid Saraswat committed Aug 11, 2024
    Configuration menu
    Copy the full SHA
    b2dc0e9 View commit details
    Browse the repository at this point in the history

Commits on Aug 12, 2024

  1. Adding back encryption context and updating CWL Log Group to use sepa… 

    …rate KMS Key in snapshot tests and README examples
    Vaid Saraswat committed Aug 12, 2024
    Configuration menu
    Copy the full SHA
    89a56ce View commit details
    Browse the repository at this point in the history

Commits on Aug 13, 2024

  1. Adding ActivityProps type as accepted type for constructEncryptionCon… 

    …figuration
    Vaid Saraswat committed Aug 13, 2024
    Configuration menu
    Copy the full SHA
    5ab6f60 View commit details
    Browse the repository at this point in the history

Commits on Aug 14, 2024

  1. Update packages/aws-cdk-lib/aws-stepfunctions/lib/activity.ts 

    Co-authored-by: Adam Wong <55506708+wong-a@users.noreply.github.com>
    @VaidSaraswat @wong-a
    VaidSaraswat and wong-a authored Aug 14, 2024
    Configuration menu
    Copy the full SHA
    ce62bb7 View commit details
    Browse the repository at this point in the history

  2. Update packages/aws-cdk-lib/aws-stepfunctions/lib/util.ts 

    Co-authored-by: Adam Wong <55506708+wong-a@users.noreply.github.com>
    @VaidSaraswat @wong-a
    VaidSaraswat and wong-a authored Aug 14, 2024
    Configuration menu
    Copy the full SHA
    e57602a View commit details
    Browse the repository at this point in the history

  3. Update packages/aws-cdk-lib/aws-stepfunctions/lib/util.ts 

    Co-authored-by: Adam Wong <55506708+wong-a@users.noreply.github.com>
    @VaidSaraswat @wong-a
    VaidSaraswat and wong-a authored Aug 14, 2024
    Configuration menu
    Copy the full SHA
    20bf8e5 View commit details
    Browse the repository at this point in the history

Commits on Aug 16, 2024

  1. Addressing third round of feedback

    Vaid Saraswat committed Aug 16, 2024
    Configuration menu
    Copy the full SHA
    94a1783 View commit details
    Browse the repository at this point in the history

  2. Adding assertions to snapshot tests

    Vaid Saraswat committed Aug 16, 2024
    Configuration menu
    Copy the full SHA
    7f52d32 View commit details
    Browse the repository at this point in the history

Commits on Aug 17, 2024

  1. Merge branch 'main' into feat-encryption-configuration

    @shivlaks
    shivlaks authored Aug 17, 2024
    Configuration menu
    Copy the full SHA
    de3bbc4 View commit details
    Browse the repository at this point in the history

Commits on Aug 20, 2024

  1. LogGroup key uses narrower permissions in key policy && updating snap… 

    …shot test for basic activity and state machine with CMK
    Vaid Saraswat committed Aug 20, 2024
    Configuration menu
    Copy the full SHA
    d668d9b View commit details
    Browse the repository at this point in the history

Commits on Aug 22, 2024

  1. Update packages/aws-cdk-lib/aws-stepfunctions/README.md 

    Co-authored-by: Adam Wong <55506708+wong-a@users.noreply.github.com>
    @VaidSaraswat @wong-a
    VaidSaraswat and wong-a authored Aug 22, 2024
    Configuration menu
    Copy the full SHA
    6042f32 View commit details
    Browse the repository at this point in the history

  2. Update packages/aws-cdk-lib/aws-stepfunctions/README.md 

    Co-authored-by: Adam Wong <55506708+wong-a@users.noreply.github.com>
    @VaidSaraswat @wong-a
    VaidSaraswat and wong-a authored Aug 22, 2024
    Configuration menu
    Copy the full SHA
    db31000 View commit details
    Browse the repository at this point in the history

Commits on Aug 26, 2024

  1. - Add back unit tests for validating encryption configuration 

    - Add coverage for IAM policies being generated when enabling CWL encryption
- Update the CWL integration test to check for log events, also don’t encrypt the log group as it’s not really necessary
- Update activity and state machine integration test to start execution and that the activity input is correct
- Ensure resources are cleaned up for integ tests (set removal policy to type cdk.RemovalPolicy.DESTROY)
- Update README with working examples
- Remove temporary schemas since L1s have been released
    Vaid Saraswat committed Aug 26, 2024
    Configuration menu
    Copy the full SHA
    1099973 View commit details
    Browse the repository at this point in the history

Commits on Aug 27, 2024

  1. Update packages/aws-cdk-lib/aws-stepfunctions/README.md 

    Co-authored-by: Adam Wong <55506708+wong-a@users.noreply.github.com>
    @VaidSaraswat @wong-a
    VaidSaraswat and wong-a authored Aug 27, 2024
    Configuration menu
    Copy the full SHA
    1c3a816 View commit details
    Browse the repository at this point in the history

  2. Update packages/aws-cdk-lib/aws-stepfunctions/README.md 

    Co-authored-by: Adam Wong <55506708+wong-a@users.noreply.github.com>
    @VaidSaraswat @wong-a
    VaidSaraswat and wong-a authored Aug 27, 2024
    Configuration menu
    Copy the full SHA
    d6d5f0c View commit details
    Browse the repository at this point in the history

  3. Update packages/aws-cdk-lib/aws-stepfunctions/README.md 

    Co-authored-by: Adam Wong <55506708+wong-a@users.noreply.github.com>
    @VaidSaraswat @wong-a
    VaidSaraswat and wong-a authored Aug 27, 2024
    Configuration menu
    Copy the full SHA
    aca062a View commit details
    Browse the repository at this point in the history

  4. Update packages/aws-cdk-lib/aws-stepfunctions/lib/activity.ts 

    Co-authored-by: Adam Wong <55506708+wong-a@users.noreply.github.com>
    @VaidSaraswat @wong-a
    VaidSaraswat and wong-a authored Aug 27, 2024
    Configuration menu
    Copy the full SHA
    e8c2808 View commit details
    Browse the repository at this point in the history

  5. - Updating README to include ts and fixed indentation 

    - Adding unit test for Activity to ensure KmsDataKeyReusePeriodSeconds defaults to 300 secs
- Updating integration test to use two separate keys for activity and state machine to verify policy generation for the state machine and activity task
    Vaid Saraswat committed Aug 27, 2024
    Configuration menu
    Copy the full SHA
    e39dc89 View commit details
    Browse the repository at this point in the history

  6. Adding dependency imports for README examples

    Vaid Saraswat committed Aug 27, 2024
    Configuration menu
    Copy the full SHA
    57483ac View commit details
    Browse the repository at this point in the history

Commits on Aug 28, 2024

  1. - Fix indentation in code sample for README

    Vaid Saraswat committed Aug 28, 2024
    Configuration menu
    Copy the full SHA
    2aca3aa View commit details
    Browse the repository at this point in the history

  2. Rename aws-cdk-lib/kms to 'aws-cdk-lib/aws-kms'

    Vaid Saraswat committed Aug 28, 2024
    Configuration menu
    Copy the full SHA
    8b3a07e View commit details
    Browse the repository at this point in the history

  3. Removing unnecessary kms:Decrypt permissions for execution role when … 

    …encryption and logging are enabled
    Vaid Saraswat committed Aug 28, 2024
    Configuration menu
    Copy the full SHA
    b25b069 View commit details
    Browse the repository at this point in the history

  4. Update packages/aws-cdk-lib/aws-stepfunctions/lib/util.ts 

    Co-authored-by: Adam Wong <55506708+wong-a@users.noreply.github.com>
    @VaidSaraswat @wong-a
    VaidSaraswat and wong-a authored Aug 28, 2024
    Configuration menu
    Copy the full SHA
    2868c02 View commit details
    Browse the repository at this point in the history

  5. - Use stronger assertion Match.objectEquals 

    - Update unit tests to check for new wording when throwing a validation error
    Vaid Saraswat committed Aug 28, 2024
    Configuration menu
    Copy the full SHA
    581739d View commit details
    Browse the repository at this point in the history

  6. Removing unnecessary KMS:Decrypt permissions on Activity key for Send… 

    …TaskSuccess lambda function
    Vaid Saraswat committed Aug 28, 2024
    Configuration menu
    Copy the full SHA
    0a5b065 View commit details
    Browse the repository at this point in the history

Commits on Aug 29, 2024

  1. Update packages/aws-cdk-lib/aws-stepfunctions/README.md 

    Co-authored-by: paulhcsun <47882901+paulhcsun@users.noreply.github.com>
    @VaidSaraswat @paulhcsun
    VaidSaraswat and paulhcsun authored Aug 29, 2024
    Configuration menu
    Copy the full SHA
    43d3dad View commit details
    Browse the repository at this point in the history

Commits on Aug 30, 2024

  1. - Use new EncryptionConfiguration object for customers who want to us… 

    …e CMK encryption
    Vaid Saraswat committed Aug 30, 2024
    Configuration menu
    Copy the full SHA
    b0b5674 View commit details
    Browse the repository at this point in the history

  2. Adding missing comma

    Vaid Saraswat committed Aug 30, 2024
    Configuration menu
    Copy the full SHA
    fedf070 View commit details
    Browse the repository at this point in the history

Commits on Sep 2, 2024

  1. Update packages/aws-cdk-lib/aws-stepfunctions/README.md 

    Co-authored-by: Adam Wong <55506708+wong-a@users.noreply.github.com>
    @VaidSaraswat @wong-a
    VaidSaraswat and wong-a authored Sep 2, 2024
    Configuration menu
    Copy the full SHA
    4c062d8 View commit details
    Browse the repository at this point in the history

  2. Update packages/aws-cdk-lib/aws-stepfunctions/lib/state-machine.ts 

    Co-authored-by: Adam Wong <55506708+wong-a@users.noreply.github.com>
    @VaidSaraswat @wong-a
    VaidSaraswat and wong-a authored Sep 2, 2024
    Configuration menu
    Copy the full SHA
    f5f2396 View commit details
    Browse the repository at this point in the history

Commits on Sep 4, 2024

  1. - Created new abstract EncryptionConfiguration class which CustomerMa… 

    …nagedEncryptionConfiguration & AwsOwnedEncryptionConfiguration extend

- Created new class CustomerManagedEncryptionConfiguration
- Created new class AwsOwnedEncryptionConfiguration
- Updated unit and integ tests to use either CustomerManagedEncryptionConfiguration or AwsOwnedEncryptionConfiguration when setting encryptionConfiguration
- Updated README to use CustomerManagedEncryptionConfiguration or AwsOwnedEncryptionConfiguration in the code samples
- Updated README to include specific comment on encrypting log group with link to relevant documentation
- Added example in README for switching between CustomerManagedEncryptionConfiguration and AwsOwnedEncryptionConfiguration
    Vaid Saraswat committed Sep 4, 2024
    Configuration menu
    Copy the full SHA
    130cd1f View commit details
    Browse the repository at this point in the history

  2. Merge branch 'main' into feat-encryption-configuration

    @paulhcsun
    paulhcsun authored Sep 4, 2024
    Configuration menu
    Copy the full SHA
    1ebeafe View commit details
    Browse the repository at this point in the history

Commits on Sep 6, 2024

  1. - Added new lines to files that didn't have them 

    - Moved util.ts to a private directory
- Updated buildEncryptionConfiguration to to accept type EncryptionConfiguration
- Rename ckmencryptionconfiguration to customer-managed-key-encryption-configuration
- Rename aokencryptionconfiguration to aws-owned-key-encryption-configuration
- Rename encryptionconfiguration to encryption-configuration
    Vaid Saraswat committed Sep 6, 2024
    Configuration menu
    Copy the full SHA
    3d44c34 View commit details
    Browse the repository at this point in the history

Commits on Sep 19, 2024

  1. Update packages/aws-cdk-lib/aws-stepfunctions/README.md

    @VaidSaraswat
    VaidSaraswat authored Sep 19, 2024
    Configuration menu
    Copy the full SHA
    74cd4fb View commit details
    Browse the repository at this point in the history

  2. Update packages/aws-cdk-lib/aws-stepfunctions/README.md

    @VaidSaraswat
    VaidSaraswat authored Sep 19, 2024
    Configuration menu
    Copy the full SHA
    339aa82 View commit details
    Browse the repository at this point in the history

Commits on Sep 20, 2024

  1. Merge branch 'main' into feat-encryption-configuration

    @paulhcsun
    paulhcsun authored Sep 20, 2024
    Configuration menu
    Copy the full SHA
    17641e4 View commit details
    Browse the repository at this point in the history