Pull SWB upstream: v5.1.X

CHANGELOG.md

@@ -2,8 +2,9 @@
 
 All notable changes to this project will be documented in this file. As our fork has diverged from AWS SWB mainline branch, we are noting the SWB version and the lab version together, as <swb version>\_<lab version>, starting from SWB mainline, 5.0.0.
 
-## [5.0.0_1.1.1](https://github.com/hms-dbmi/service-workbench-on-aws/compare/v5.0.0_1.1.0...v5.0.0_1.1.1) (08/10/2023)
+## [5.1.0_1.1.1](https://github.com/hms-dbmi/service-workbench-on-aws/compare/v5.0.0_1.1.0...v5.0.0_1.1.1) (08/10/2023)
 - Cherry pick [a0c7eeed34eea02ec56f49411cf499d1c59f0d3a](https://github.com/awslabs/service-workbench-on-aws/commit/a0c7eeed34eea02ec56f49411cf499d1c59f0d3a) to upgrade nodejs version and dependencies for lambda runtimes.
+
 ## [5.0.0_1.1.0](https://github.com/hms-dbmi/service-workbench-on-aws/compare/v5.0.0_1.0.3...v5.0.0_1.1.0) (07/21/2023)
 - Add S3 GetObject and List permission to access embed data for workspaces.
 - Add logos to workspace types on user creation step so it's easier to visually find the types they want.
@@ -54,6 +55,35 @@ All notable changes to this project will be documented in this file. As our fork
 
 # Mainline Version
 
+### [5.1.1](https://github.com/awslabs/service-workbench-on-aws/compare/v5.1.0...v5.1.1) (2022-04-08)
+
+### Bug Fixes
+
+* replace aws-ee package name prefix with amzn ([#960](https://github.com/awslabs/service-workbench-on-aws/issues/960)) ([9e224ff](https://github.com/awslabs/service-workbench-on-aws/commit/9e224ff1aee34ccbdea14f330c7c840a9a39b125))
+
+### [5.1.0](https://github.com/awslabs/service-workbench-on-aws/compare/v5.0.0...v5.1.0) (2022-03-22)
+
+### Features
+
+* OAuth flow: Switch to Authorization Code grant ([#947](https://github.com/awslabs/service-workbench-on-aws/issues/947)) ([9edbc12](https://github.com/awslabs/service-workbench-on-aws/commit/9edbc12bd85e0ddf4c2b271775b2fd41d9c2c236))
+
+### Bug Fixes
+
+* -raas-master-artifacts versioning ([#930](https://github.com/awslabs/service-workbench-on-aws/issues/930)) ([1465431](https://github.com/awslabs/service-workbench-on-aws/commit/14654313d9d472beaf497fee5b1e918aad9ff756))
+* Allow users to go back and fix configuration errors ([#934](https://github.com/awslabs/service-workbench-on-aws/issues/934)) ([4f6a66d](https://github.com/awslabs/service-workbench-on-aws/commit/4f6a66dc0e6bc7f5465172045df500c825afb7a2))
+* config integ test ([#950](https://github.com/awslabs/service-workbench-on-aws/issues/950)) ([2b285b7](https://github.com/awslabs/service-workbench-on-aws/commit/2b285b724cbdb3c361232b932b524dae8ba53d60))
+* email TLD can be longer than 3 chars ([#928](https://github.com/awslabs/service-workbench-on-aws/issues/928)) ([eab8ec9](https://github.com/awslabs/service-workbench-on-aws/commit/eab8ec925780c5a47507cc8f93ac0faabdeb38a2))
+* Exit early if jq is not installed. Fix ssm delete error ([#953](https://github.com/awslabs/service-workbench-on-aws/issues/953)) ([5c9c571](https://github.com/awslabs/service-workbench-on-aws/commit/5c9c5714947fd116ae58d39d60cb72d60914d548))
+* Handle workflow-trigger-service StepFunction execution failure ([#903](https://github.com/awslabs/service-workbench-on-aws/issues/903)) ([52b24c3](https://github.com/awslabs/service-workbench-on-aws/commit/52b24c346dd3cfa91b1a385c0f8611a6ec55f678))
+* no cidr form field in TRE env ([#940](https://github.com/awslabs/service-workbench-on-aws/issues/940)) ([dd2ccfd](https://github.com/awslabs/service-workbench-on-aws/commit/dd2ccfd2c606822ef0dae901ba911d560bf3df08))
+* Remove non admin option for onboarding a hosting account ([#933](https://github.com/awslabs/service-workbench-on-aws/issues/933)) ([4b26589](https://github.com/awslabs/service-workbench-on-aws/commit/4b2658950b9565a7f5e0074031ce1a4625aedc7a))
+* remove unnecessary file ([4d20541](https://github.com/awslabs/service-workbench-on-aws/commit/4d2054160e874a512acecb7c9c714f3a8d5cf2b6))
+* Return badRequest if trying to terminate an environment that has already been terminated ([#946](https://github.com/awslabs/service-workbench-on-aws/issues/946)) ([15eb4d3](https://github.com/awslabs/service-workbench-on-aws/commit/15eb4d35320c2ba9babaa946fbecb34a9ec393b2))
+* select cidr field only in non-TRE env ([#941](https://github.com/awslabs/service-workbench-on-aws/issues/941)) ([897670b](https://github.com/awslabs/service-workbench-on-aws/commit/897670b2332734ab84ffe5b537fc35f3ab17343c))
+* termination failure to show fewer details ([#931](https://github.com/awslabs/service-workbench-on-aws/issues/931)) ([6700c29](https://github.com/awslabs/service-workbench-on-aws/commit/6700c2999cb1dcd2cb72b7ae40362def9650c49c))
+* Throw HTTP Status 429 error when there are too many get Sagemaker Presigned URL requests ([#942](https://github.com/awslabs/service-workbench-on-aws/issues/942)) ([3dea763](https://github.com/awslabs/service-workbench-on-aws/commit/3dea7630a584051b7e2eb152f71f8423e55fc827))
+* wide cidr warning and env config dep ([#935](https://github.com/awslabs/service-workbench-on-aws/issues/935)) ([95c5d95](https://github.com/awslabs/service-workbench-on-aws/commit/95c5d9579bc01c1d092487b961ebd6e6f1168eeb))
+
 ## [5.0.0](https://github.com/awslabs/service-workbench-on-aws/compare/v4.3.1...v5.0.0) (2022-02-11)
 
 ## Internal Auth deprecation

README.md

@@ -185,14 +185,14 @@ For more information, refer to *Service Workbench Installation Guide*.
 
 ## Creating a new user in Service Workbench
 
-Once Service Workbench is fully deployed, the console will output the Website URL and Root Password for Service Workbench. You can log in by navigating to the Website URL in any browser, and then using the username 'root' and the Root Password given by the console. Please note that logging as the root user is highly discouraged, and should only be used for initial setup. You can create a new user by clicking the "Users" tab on the left, then "Add Local User". Follow the instructions given to create the user (you can leave the 'Project' field blank for now), then log out of the root account and into your new user account.
+Once Service Workbench is fully deployed, the console will output the Website URL and Root Password for Service Workbench. You can log in by navigating to the Website URL in any browser, and then using the username root and the Root Password given by the console. Please note that logging as the root user is highly discouraged, and should only be used for initial setup. You can create a new user by clicking the **Users** tab on the left, then **Add Local User**. Follow the instructions given to create the user (you can leave the Project field blank for now), then log out of the root account and into your new user account.
 
 Adding a local user should only be done in test environments. We highly recommend using an IDP for prod environments. For more details on how to set up an IDP, click [here](/docs/docs/user_guide/sidebar/admin/auth/introduction.md)
 ## Linking an existing AWS account
 
-Once in your user account, you'll need to link your AWS account. Navigate to "AWS Accounts" in the left bar, then click the "AWS Accounts" tab. From here, you can create an AWS account, or link an existing one.
+Once in your user account, you'll need to link your AWS account. Navigate to **AWS Accounts** in the left bar, then click the **AWS Accounts** tab. From here, you can create an AWS account, or link an existing one.
 
-To create a new AWS account, you'll need the "Master Role ARN" value, which you can get by contacting the owner of your Organization's master account. If you are the owner, you can find it in the Roles section of [AWS IAM](https://aws.amazon.com/iam/) from the [AWS management console](https://aws.amazon.com/console/).
+To create a new AWS account, you'll need the **Master Role ARN** value, which you can get by contacting the owner of your Organization's master account. If you are the owner, you can find it in the Roles section of [AWS IAM](https://aws.amazon.com/iam/) from the [AWS management console](https://aws.amazon.com/console/).
 
 To link an existing account, follow the instructions listed. You'll need the following credentials:
 
@@ -218,16 +218,17 @@ Now that you have a user and have a working AWS account, we can start generating
 6. Navigate to the **Users** page to see that the project has been successfully associated with your account.
 
 ### Creating a workspace
-Pre-requisites: Before creating a workspace, you must setup Service Catalog. Refer to the “Import a Product” section of the Service Workbench Deployment Guide for information on installing Service Catalog.
+Pre-requisites: Before creating a workspace, you must setup Service Catalog. Refer to the *Import a Product* section of the Service Workbench Deployment Guide for information on installing Service Catalog.
 
-1.	In the Workspaces tab, choose **Create Research Workspace**. A menu with options is displayed. 
+1.	In the Workspaces tab, choose **Create Research Workspace**. A menu with options is displayed.  
      **Note**: Service Workbench automatically provisions AWS resources according to your selection, so you can run your projects on AWS without having to worry about the setup.
 2. Choose the desired platform and then choose Next.
-3. Enter appropriate values for the field names (leave 'Restricted CIDR' as-is if you don't know what it is) and select a configuration.
+3. Enter appropriate values for the field names (leave 'Restricted CIDR' as-is if you don't know what it is) and select a configuration.  
      **Note**: Each configuration lists the details for its instance--On Demand instances are more expensive than Spot instances, but they're available whenever you need them. For more details on pricing and configurations, refer to the [Instance Purchasing Options](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-purchasing-options.html) and the [AWS Pricing](https://aws.amazon.com/pricing/) pages.
 4.	Your workspace may take some time to launch. Once it is up and running, you can connect to it by choosing Connect. For more details, see the following documentation pages:
      + AWS SageMaker: Service Workbench takes care of provisioning the workspace for you, so you can jump straight to working with SageMaker Notebooks. For more information, see the [SageMaker Getting Started Guide](https://docs.aws.amazon.com/sagemaker/latest/dg/gs-console.html) (you can jump straight to Step 4).
-     + AWS ElasticMapReduce (EMR): Service Workbench takes care of setting up the EMR instance for you, so you can jump straight to working with EMR Notebooks. For more information on using EMR Notebooks, see [Using EMR Notebooks](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-notebooks.html). **Note:** A password may be required to access the EMR Notebooks. By default, this password is 'go-research-on-aws' (without the quotes).
+     + AWS ElasticMapReduce (EMR): Service Workbench takes care of setting up the EMR instance for you, so you can jump straight to working with EMR Notebooks. A password may be required to access the EMR Notebooks. By default, this password is ``go-research-on-aws``. For more information on using EMR Notebooks, see [Using EMR Notebooks](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-notebooks.html).  
+     **Note:** EMR workspaces are not available if AppStream is enabled for the deployment.
      + RStudio: You can connect to RStudio workspace type by using the template and AMI provided in AWS partner's [repository](https://github.com/RLOpenCatalyst/Service_Workbench_Templates). For more information, refer to the [Create RStudio ALB workspace](/deployment/post_deployment/aws_accounts#creating-rstudio-alb-workspace) section of *Service Workbench Post Deployment Guide*.
      + AWS Elastic Compute Cloud (EC2): EC2 instances are essentially Virtual Machines in the cloud. For more information, see the [EC2 Documentation](https://aws.amazon.com/ec2/).
 

addons/addon-base-post-deployment/packages/base-post-deployment/lib/deployment-store-service.js

@@ -13,8 +13,8 @@
  *  permissions and limitations under the License.
  */
 
-const Service = require('@aws-ee/base-services-container/lib/service');
-const { runAndCatch } = require('@aws-ee/base-services/lib/helpers/utils');
+const Service = require('@amzn/base-services-container/lib/service');
+const { runAndCatch } = require('@amzn/base-services/lib/helpers/utils');
 
 const createOrUpdateSchema = require('./schema/deployment-item.json');
 

addons/addon-base-post-deployment/packages/base-post-deployment/lib/plugins/services-plugin.js

@@ -13,22 +13,22 @@
  *  permissions and limitations under the License.
  */
 
-const AwsService = require('@aws-ee/base-services/lib/aws/aws-service');
-const S3Service = require('@aws-ee/base-services/lib/s3-service');
-const IamService = require('@aws-ee/base-services/lib/iam/iam-service');
-const DbService = require('@aws-ee/base-services/lib/db-service');
-const JsonSchemaValidationService = require('@aws-ee/base-services/lib/json-schema-validation-service');
-const InputManifestValidationService = require('@aws-ee/base-services/lib/input-manifest/input-manifest-validation-service');
-const LockService = require('@aws-ee/base-services/lib/lock/lock-service');
-const PluginRegistryService = require('@aws-ee/base-services/lib/plugin-registry/plugin-registry-service');
-const AuditWriterService = require('@aws-ee/base-services/lib/audit/audit-writer-service');
-const AuthorizationService = require('@aws-ee/base-services/lib/authorization/authorization-service');
-const UserAuthzService = require('@aws-ee/base-services/lib/user/user-authz-service');
-const UserService = require('@aws-ee/base-services/lib/user/user-service');
-const DbPasswordService = require('@aws-ee/base-services/lib/db-password/db-password-service');
-const AuthenticationProviderTypeService = require('@aws-ee/base-api-services/lib/authentication-providers/authentication-provider-type-service');
-const AuthenticationProviderConfigService = require('@aws-ee/base-api-services/lib/authentication-providers/authentication-provider-config-service');
-const registerBuiltInAuthProvisioners = require('@aws-ee/base-api-services/lib/authentication-providers/register-built-in-provisioner-services');
+const AwsService = require('@amzn/base-services/lib/aws/aws-service');
+const S3Service = require('@amzn/base-services/lib/s3-service');
+const IamService = require('@amzn/base-services/lib/iam/iam-service');
+const DbService = require('@amzn/base-services/lib/db-service');
+const JsonSchemaValidationService = require('@amzn/base-services/lib/json-schema-validation-service');
+const InputManifestValidationService = require('@amzn/base-services/lib/input-manifest/input-manifest-validation-service');
+const LockService = require('@amzn/base-services/lib/lock/lock-service');
+const PluginRegistryService = require('@amzn/base-services/lib/plugin-registry/plugin-registry-service');
+const AuditWriterService = require('@amzn/base-services/lib/audit/audit-writer-service');
+const AuthorizationService = require('@amzn/base-services/lib/authorization/authorization-service');
+const UserAuthzService = require('@amzn/base-services/lib/user/user-authz-service');
+const UserService = require('@amzn/base-services/lib/user/user-service');
+const DbPasswordService = require('@amzn/base-services/lib/db-password/db-password-service');
+const AuthenticationProviderTypeService = require('@amzn/base-api-services/lib/authentication-providers/authentication-provider-type-service');
+const AuthenticationProviderConfigService = require('@amzn/base-api-services/lib/authentication-providers/authentication-provider-config-service');
+const registerBuiltInAuthProvisioners = require('@amzn/base-api-services/lib/authentication-providers/register-built-in-provisioner-services');
 
 const DeploymentStoreService = require('../deployment-store-service');
 

addons/addon-base-post-deployment/packages/base-post-deployment/lib/steps/__tests__/create-root-user-service.test.js

@@ -13,22 +13,22 @@
  *  permissions and limitations under the License.
  */
 
-const ServicesContainer = require('@aws-ee/base-services-container/lib/services-container');
-const Aws = require('@aws-ee/base-services/lib/aws/aws-service');
-const JsonSchemaValidationService = require('@aws-ee/base-services/lib/json-schema-validation-service');
+const ServicesContainer = require('@amzn/base-services-container/lib/services-container');
+const Aws = require('@amzn/base-services/lib/aws/aws-service');
+const JsonSchemaValidationService = require('@amzn/base-services/lib/json-schema-validation-service');
 const AWSMock = require('aws-sdk-mock');
-const Logger = require('@aws-ee/base-services/lib/logger/logger-service');
+const Logger = require('@amzn/base-services/lib/logger/logger-service');
 
 // Mocked dependencies
 
-jest.mock('@aws-ee/base-services/lib/db-password/db-password-service');
-const DbPasswordServiceMock = require('@aws-ee/base-services/lib/db-password/db-password-service');
+jest.mock('@amzn/base-services/lib/db-password/db-password-service');
+const DbPasswordServiceMock = require('@amzn/base-services/lib/db-password/db-password-service');
 
-jest.mock('@aws-ee/base-services/lib/user/user-service');
-const UserServiceMock = require('@aws-ee/base-services/lib/user/user-service');
+jest.mock('@amzn/base-services/lib/user/user-service');
+const UserServiceMock = require('@amzn/base-services/lib/user/user-service');
 
-jest.mock('@aws-ee/base-services/lib/settings/env-settings-service');
-const SettingsServiceMock = require('@aws-ee/base-services/lib/settings/env-settings-service');
+jest.mock('@amzn/base-services/lib/settings/env-settings-service');
+const SettingsServiceMock = require('@amzn/base-services/lib/settings/env-settings-service');
 
 const CreateRootUserService = require('../create-root-user-service');
 

addons/addon-base-post-deployment/packages/base-post-deployment/lib/steps/add-auth-providers.js

@@ -14,9 +14,9 @@
  */
 
 const _ = require('lodash');
-const Service = require('@aws-ee/base-services-container/lib/service');
-const { getSystemRequestContext } = require('@aws-ee/base-services/lib/helpers/system-context');
-const authProviderConstants = require('@aws-ee/base-api-services/lib/authentication-providers/constants')
+const Service = require('@amzn/base-services-container/lib/service');
+const { getSystemRequestContext } = require('@amzn/base-services/lib/helpers/system-context');
+const authProviderConstants = require('@amzn/base-api-services/lib/authentication-providers/constants')
   .authenticationProviders;
 
 const settingKeys = {

addons/addon-base-post-deployment/packages/base-post-deployment/lib/steps/create-jwt-key-service.js

@@ -13,7 +13,7 @@
  *  permissions and limitations under the License.
  */
 
-const Service = require('@aws-ee/base-services-container/lib/service');
+const Service = require('@amzn/base-services-container/lib/service');
 const passwordGenerator = require('generate-password');
 
 const settingKeys = {

addons/addon-base-post-deployment/packages/base-post-deployment/lib/steps/create-root-user-service.js

@@ -15,8 +15,8 @@
 
 const _ = require('lodash');
 const passwordGenerator = require('generate-password');
-const Service = require('@aws-ee/base-services-container/lib/service');
-const { getSystemRequestContext } = require('@aws-ee/base-services/lib/helpers/system-context');
+const Service = require('@amzn/base-services-container/lib/service');
+const { getSystemRequestContext } = require('@amzn/base-services/lib/helpers/system-context');
 
 const settingKeys = {
   paramStoreJwtSecret: 'paramStoreJwtSecret',

addons/addon-base-post-deployment/packages/base-post-deployment/package.json

@@ -1,15 +1,15 @@
 {
-  "name": "@aws-ee/base-post-deployment",
+  "name": "@amzn/base-post-deployment",
   "version": "1.0.0",
   "private": true,
   "description": "A library containing base set of post-deployment steps",
   "author": "Amazon Web Services",
   "license": "Apache-2.0",
   "dependencies": {
-    "@aws-ee/base-api-services": "workspace:*",
-    "@aws-ee/base-services": "workspace:*",
-    "@aws-ee/base-services-container": "workspace:*",
-    "aws-sdk": "^2.1228.0",
+    "@amzn/base-api-services": "workspace:*",
+    "@amzn/base-services": "workspace:*",
+    "@amzn/base-services-container": "workspace:*",
+    "aws-sdk": "^2.647.0",
     "generate-password": "^1.7.0",
     "lodash": "^4.17.21"
   },

addons/addon-base-pre-deployment/packages/base-pre-deployment/lib/deployment-store-service.js

@@ -13,8 +13,8 @@
  *  permissions and limitations under the License.
  */
 
-const Service = require('@aws-ee/base-services-container/lib/service');
-const { runAndCatch } = require('@aws-ee/base-services/lib/helpers/utils');
+const Service = require('@amzn/base-services-container/lib/service');
+const { runAndCatch } = require('@amzn/base-services/lib/helpers/utils');
 
 const createOrUpdateSchema = require('./schema/deployment-item.json');