Releases: aws-samples/aws-iam-identity-center-extensions
Releases · aws-samples/aws-iam-identity-center-extensions
v3.1.9
Notes
This release is a maintenance update to address the following recent changes from AWS:
- NodeJS 16 runtime deprecation: AWS has announced end of support for NodeJS 16. The codebase has been updated to use NodeJS 20.
- AWS CodeCommit changes: AWS has closed new customer access to AWS CodeCommit. The solution will still support CodeCommit as a source to allow users with existing CodeCommit repositories to run deployments. Additional support for S3 as a source has been added. CodeConnections as a source is already supported to integrate with external Git providers. Please see the example
config/env.yamlfile to understand how to configure the source. - AWS CodeStar changes: AWS has renamed CodeStar Connections to CodeConnections. This change will be reflected in IAM action names and ARNs. For a summary of the changes, see Connections rename - Summary of changes If you were using CodeStar as the source, ensure your env.yaml file is updated.
What's Changed
- Update dependencies and NodeJS version for Lambda functions by @javydekoning in #127
- Support for S3 as source by @jmejco in #130
New Contributors
- @javydekoning made their first contribution in #127
Full Changelog: v3.1.8...v3.1.9
Contributors
javydekoning and jmejco
Assets 2
v3.1.8
If deploying v3.1.8 directly to your environment
Follow along the self-paced workshop for deployment and use case flow instructions
If upgrading from v3.1.7 or older to v3.1.8, please read below
If you have already deployed an older version to your environment, follow the below steps to update your deployment:
- Make a backup of config/env.yaml (or) a different configuration file if you are using a different name for your environment.
- Update your repository with the latest code from v3.1.8
- Overwrite the values specific to your environment in config/env.yaml with values from your backed up config/env.yaml
- Still at the root of the project, run
yarn install --frozen-lock-fileto install the new dev dependencies introduced in this release - Still at the root of the project, run
yarn cdk-synth-envand validate that the synth is successful - Push the updated code to your repo using instructions from here
- This will automatically trigger the pipeline to deploy v3.1.8 to your environment
What's Changed
- Handle duplicate custom lambda layer version name issue
- Handle null exception when managed policies in permission set go from empty to with values array (or) vice-versa
- For detailed descriptions of these changes, see #109
Full Changelog: v3.1.7...v3.1.8
v3.1.7
If deploying v3.1.7 directly to your environment
Follow along the self-paced workshop for deployment and use case flow instructions
If upgrading from v3.1.6 or older to v3.1.7, please read below
If you have already deployed an older version to your environment, follow the below steps to update your deployment:
- Make a backup of config/env.yaml (or) a different configuration file if you are using a different name for your environment.
- Update your repository with the latest code from v3.1.7
- Overwrite the values specific to your environment in config/env.yaml with values from your backed up config/env.yaml
- Still at the root of the project, run
yarn install --frozen-lock-fileto install the new dev dependencies introduced in this release - Still at the root of the project, run
yarn cdk-synth-envand validate that the synth is successful - Push the updated code to your repo using instructions from here
- This will automatically trigger the pipeline to deploy v3.1.7 to your environment
What's Changed
- Added support for customer managed policies and permission boundaries.
- Added CodeStar connection support i.e. enabling any of the Git source providers that CodeStar connections support to be used as source repo.
- Several fixes for the current config import workflow.
- For detailed descriptions of these changes, see #100
Full Changelog: v3.1.6...v3.1.7
v3.1.6
If deploying v3.1.6 directly to your environment
Follow along the self-paced workshop for deployment and use case flow instructions
If upgrading from v3.1.5 or older to v3.1.6, please read below
If you have already deployed an older version to your environment, follow the below steps to update your deployment:
- Make a backup of config/env.yaml (or) a different configuration file if you are using a different name for your environment.
- Update your repository with the latest code from v3.1.6
- Overwrite the values specific to your environment in config/env.yaml with values from your backed up config/env.yaml
- Still at the root of the project, run
yarn install --frozen-lock-fileto install the new dev dependencies introduced in this release - Still at the root of the project, run
yarn cdk-synth-envand validate that the synth is successful - Push the updated code to your repo using instructions from here
- This will automatically trigger the pipeline to deploy v3.1.6 to your environment
What's Changed
- Fixes exception handling by using the SDK provided named exceptions
- Refactors logging constructs to allow config provided log level setting for core and current config import lambda functions
- Updates all Lambda runtimes to NodeJS 16.
- For detailed descriptions of these changes, see #93
Full Changelog: v3.1.5...v3.1.6
v3.1.5
If deploying v3.1.5 directly to your environment
Follow along the self-paced workshop for deployment and use case flow instructions
If upgrading from v3.1.4 to v3.1.5, please read below
If you have already deployed v3.1.4 to your environment, follow the below steps to update your deployment:
- Make a backup of config/env.yaml (or) a different configuration file if you are using a different name for your environment.
- Update your repository with the latest code from v3.1.5
- Overwrite the values specific to your environment in config/env.yaml with values from your backed up config/env.yaml
- Still at the root of the project, run
yarn install --frozen-lock-fileto install the new dev dependenices introduced in this release - Still at the root of the project, run
yarn cdk-synth-envand validate that the synth is successful - Push the updated code to your repo using instructions from here
- This will automatically trigger the pipeline to deploy v3.1.5 to your environment
What's Changed
- Significant optimization for tuning the solution to operate at scale and avoid throttling issues.
- Support for applying permission sets recursively for nested OUs.
- Update permission set schema to align to the schema spec supported by AWS SSO admin API.
- Handle empty permission set description, session duration and relay state.
- For detailed descriptions of these changes, see #89
Full Changelog: v3.1.4...v3.1.5
v3.1.4
If deploying v3.1.4 directly to your environment
Follow along the self-paced workshop for deployment and use case flow instructions
If upgrading from v3.1.3 to v3.1.4, please read below
If you have already deployed v3.1.3 to your environment, follow the below steps to update your deployment:
- Make a backup of config/env.yaml (or) a different configuration file if you are using a different name for your environment.
- Update your repository with the latest code from v3.1.4
- Overwrite the values specific to your environment in config/env.yaml with values from your backed up config/env.yaml
- Still at the root of the project, run
yarn install --frozen-lock-fileto install the new dev dependenices introduced in this release - Still at the root of the project, run
yarn cdk-synth-envand validate that the synth is successful - Push the updated code to your repo using instructions from here
- This will automatically trigger the pipeline to deploy v3.1.4 to your environment
What's Changed
- Update schema definitions by @jjleigh in #64
- Adding description to schema and making tags and relay state as option by @jjleigh in #67
- Fix permission set schema validation bugs by @leelalagudu in #70
New Contributors
Full Changelog: v3.1.3...v3.1.4
Contributors
jjleigh and leelalagudu
Assets 2
v3.1.3
If deploying v3.1.3 directly to your environment
Follow along the self-paced workshop for deployment and use case flow instructions
If upgrading from v3.1.2 to v3.1.3, please read below
If you have already deployed v3.1.2 to your environment, follow the below steps to update your deployment:
- Make a backup of config/env.yaml (or) a different configuration file if you are using a different name for your environment.
- Update your repository with the latest code from v3.1.3
- Overwrite the values specific to your environment in config/env.yaml with values from your backed up config/env.yaml
- Still at the root of the project, run
yarn install --frozen-lock-fileto install the new dev dependenices introduced in this release - Still at the root of the project, run
yarn cdk-synth-envand validate that the synth is successful - Push the updated code to your repo using instructions from here
- This will automatically trigger the pipeline to deploy v3.1.3 to your environment
What's Changed
- Fix bug with delete permission set via API interface
- Refactor cross account/region SSM param reader/writer logic to use CDK's AWSCustomResource construct
- Update workshop links with the new and permanent domain name
Full Changelog: v3.1.2...v3.1.3
v3.1.2
If deploying v3.1.2 directly to your environment
Follow along the self-paced workshop for deployment and use case flow instructions
If upgrading from v3.1.1 to v3.1.2, please read below
If you have already deployed v3.1.1 to your environment, follow the below steps to update your deployment:
- Make a backup of config/env.yaml (or) a different configuration file if you are using a different name for your environment.
- Update your repository with the latest code from v3.1.2
- Overwrite the values specific to your environment in config/env.yaml with values from your backed up config/env.yaml
- Still at the root of the project, run
yarn cdk-synth-envand validate that the synth is successful - Push the updated code to your repo using instructions from here
- This will automatically trigger the pipeline to deploy v3.1.2 to your environment
What's Changed
- Update state machine behaviour for current configuration discovery, region switch and version upgrade to fail gracefully where feasible. This would ensure that when there are multiple entities being processed, the state machines would not fail if one entity processing failed. Instead, the error details are written to logs and the execution continues.
- Instances where the state machines for the scenarios described above throw errors are:
- When there's an exception for triggering the state machine logic i.e. input cannot be retrieved
- Any failure (of any type) in region switch deploy triggers a failure. This is by design to ensure that when the state machines trigger a write operation, even a single error rolls back the entire configuration. - Add troubleshooting document that explains the logging convention , different cloud watch log groups and insights queries set up by the solution
Full Changelog: v3.1.1...v3.1.2
v3.1.1
If deploying v3.1.1 directly to your environment
Follow along the self-paced workshop for deployment and use case flow instructions
If upgrading from v3.1.0 to v3.1.1, please read below
If you have already deployed v3.1.0 to your environment, follow the below steps to update your deployment:
- Make a backup of config/env.yaml (or) a different configuration file if you are using a different name for your environment.
- Update your repository with the latest code from v3.1.1
- Overwrite the values specific to your environment in config/env.yaml with values from your backed up config/env.yaml
- Still at the root of the project, run
yarn cdk-synth-envand validate that the synth is successful - Push the updated code to your repo using instructions from here
- This will automatically trigger the pipeline to deploy v3.1.1 to your environment
What's Changed
- Disable parallel builds triggering behaviour by CDK pipeline by @jmejco as the lag time for starting code build jobs across the 20 lambda asset bundling processes is nullifying the speed optimisation it's providing. Therefore, this behaviour is disabled which in turn provides the advantage that the account does not need non default concurrent code build runs quota.
Full Changelog: v3.1.0...v3.1.1
Contributors
jmejco
Assets 2
v3.1.0
If your use case is AWS SSO region switch only,
Follow along the instructions documented here
If deploying v3.1.0 directly to your environment
Follow along the self-paced workshop for deployment and use case flow instructions
If upgrading from v3.0.3 to v3.1.0, please read below
If you have already deployed v3.0.3 to your environment, follow the below steps to update your deployment:
- Make a backup of config/env.yaml (or) a different configuration file if you are using a different name for your environment.
- Update your repository with the latest code from v3.1.0
- Overwrite the values specific to your environment in config/env.yaml with values from your backed up config/env.yaml
- Still at the root of the project, run
yarn cdk-synth-envand validate that the synth is successful - Push the updated code to your repo using instructions from here
- This will automatically trigger the pipeline to deploy v3.1.0 to your environment
What's Changed
- Provide AWS SSO region switch capabilities as part of the mono repo solution
- Upgrade AWS JS V3 sdk and CDK package versions
- Refactor ASL definition files to use a single
-asl.jsonconvention instead of two separate files
New Contributors
- @dependabot made their first contribution in #50
Full Changelog: v3.0.3...v3.1.0
Contributors
dependabot