Skip to content

Commit

Permalink
Merge pull request #72 from aws-solutions/feature/v4.2.1
Browse files Browse the repository at this point in the history 
Feature/v4.2.1
  • Loading branch information
@eggoynes
eggoynes committed Apr 17, 2023
2 parents 2e15f9f + 69cefef commit 6391b0b
Show file tree
Hide file tree
Showing 5 changed files with 123 additions and 50 deletions.
5 changes: 4 additions & 1 deletion CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,10 @@ All notable changes to this project will be documented in this file.

The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).

## [4.2.1] - 2023-4-17
### Changed
- Updated object ownership configuration on the CloudFormation logging bucket.
- Updated aws-cloudfront-s3 construct to support new bucket ACL changes.
## [4.2.0] - 2023-4-10

### New
Expand Down
5 changes: 3 additions & 2 deletions source/constructs/cdk.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@
"app": "npx ts-node bin/live-streaming.ts",
"context": {
"aws-cdk:enableDiffNoFail": "true",
"@aws-cdk/core:stackRelativeExports": "true"
"@aws-cdk/core:stackRelativeExports": "true",
"@aws-cdk/aws-s3:serverAccessLogsUseBucketPolicy": true
}
}
}
2 changes: 1 addition & 1 deletion source/constructs/lib/live-streaming.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -583,8 +583,8 @@ export class LiveStreaming extends cdk.Stack {
enforceSSL: true,
versioned: true,
removalPolicy: cdk.RemovalPolicy.RETAIN,
accessControl: s3.BucketAccessControl.LOG_DELIVERY_WRITE,
encryption: s3.BucketEncryption.S3_MANAGED,
objectOwnership: s3.ObjectOwnership.OBJECT_WRITER,
blockPublicAccess: {
blockPublicAcls: true,
blockPublicPolicy: true,
Expand Down
4 changes: 2 additions & 2 deletions source/constructs/package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,8 +31,8 @@
},
"dependencies": {
"@aws-cdk/aws-servicecatalogappregistry-alpha": "2.35.0-alpha.0",
"@aws-solutions-constructs/aws-cloudfront-s3": "2.35.0",
"aws-cdk-lib": "2.68.0",
"@aws-solutions-constructs/aws-cloudfront-s3": "2.38.0",
"aws-cdk-lib": "2.74.0",
"cdk-nag": "^2.21.52",
"constructs": "10.1.283",
"source-map-support": "0.5.19"
Expand Down
157 changes: 113 additions & 44 deletions source/constructs/test/__snapshots__/live-streaming.test.ts.snap
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,8 +4,8 @@ exports[`LiveStreaming Stack Test 1`] = `
Object {
Description: (SO0013) Live Streaming on AWS Solution %%VERSION%%,
Mappings: Object {
AnonymousData: Object {
SendAnonymousData: Object {
AnonymizedData: Object {
SendAnonymizedData: Object {
Data: Yes,
},
},
Expand Down Expand Up @@ -652,8 +652,8 @@ Object {
Resource: AnonymousMetric,
SendAnonymousMetric: Object {
Fn::FindInMap: Array [
AnonymousData,
SendAnonymousData,
AnonymizedData,
SendAnonymizedData,
Data,
],
},
Expand All @@ -677,7 +677,7 @@ Object {
},
AppRegistryApp5349BE86: Object {
DependsOn: Array [
AppRegistryAttributeGroup7AF07446,
AppRegistryAttributeIdDF43F316,
],
Properties: Object {
Description: Service Catalog application to track and manage all your resources. The SolutionId is SO0013 and SolutionVersion is %%VERSION%%.,
Expand All @@ -704,9 +704,9 @@ Object {
},
Type: AWS::ServiceCatalogAppRegistry::Application,
},
AppRegistryAppAttributeGroupAssociation73c027e3f10e9676CFD5: Object {
AppRegistryAppAttributeGroupAssociatione6a1c2e3176a77F7002D: Object {
DependsOn: Array [
AppRegistryAttributeGroup7AF07446,
AppRegistryAttributeIdDF43F316,
],
Properties: Object {
Application: Object {
Expand All @@ -717,7 +717,7 @@ Object {
},
AttributeGroup: Object {
Fn::GetAtt: Array [
AppRegistryAttributeGroup7AF07446,
AppRegistryAttributeIdDF43F316,
Id,
],
},
Expand All @@ -726,7 +726,7 @@ Object {
},
AppRegistryAppResourceAssociationbb30b2b6ffac2CF098B8: Object {
DependsOn: Array [
AppRegistryAttributeGroup7AF07446,
AppRegistryAttributeIdDF43F316,
],
Properties: Object {
Application: Object {
Expand All @@ -742,7 +742,7 @@ Object {
},
Type: AWS::ServiceCatalogAppRegistry::ResourceAssociation,
},
AppRegistryAttributeGroup7AF07446: Object {
AppRegistryAttributeIdDF43F316: Object {
Properties: Object {
Attributes: Object {
ApplicationType: AWS-Solutions,
Expand All @@ -755,6 +755,7 @@ Object {
Fn::Join: Array [
,
Array [
A30-,
Object {
Ref: AWS::Region,
},
Expand All @@ -771,36 +772,6 @@ Object {
},
Type: AWS::ServiceCatalogAppRegistry::AttributeGroup,
},
ApplicationInsightsApp: Object {
DependsOn: Array [
AppRegistryAppAttributeGroupAssociation73c027e3f10e9676CFD5,
AppRegistryApp5349BE86,
AppRegistryAppResourceAssociationbb30b2b6ffac2CF098B8,
],
Properties: Object {
AutoConfigurationEnabled: true,
CWEMonitorEnabled: true,
OpsCenterEnabled: true,
ResourceGroupName: Object {
Fn::Join: Array [
,
Array [
AWS_AppRegistry_Application-live-streaming-on-aws-,
Object {
Ref: AWS::StackName,
},
],
],
},
Tags: Array [
Object {
Key: SolutionId,
Value: SO0013,
},
],
},
Type: AWS::ApplicationInsights::Application,
},
CachePolicy26D8A535: Object {
Properties: Object {
CachePolicyConfig: Object {
Expand Down Expand Up @@ -1210,6 +1181,13 @@ Object {
},
],
},
OwnershipControls: Object {
Rules: Array [
Object {
ObjectOwnership: ObjectWriter,
},
],
},
PublicAccessBlockConfiguration: Object {
BlockPublicAcls: true,
BlockPublicPolicy: true,
Expand Down Expand Up @@ -1410,7 +1388,6 @@ Object {
},
},
Properties: Object {
AccessControl: LogDeliveryWrite,
BucketEncryption: Object {
ServerSideEncryptionConfiguration: Array [
Object {
Expand Down Expand Up @@ -1477,6 +1454,42 @@ Object {
},
],
},
Object {
Action: s3:PutObject,
Condition: Object {
ArnLike: Object {
aws:SourceArn: Object {
Fn::GetAtt: Array [
CloudFrontToS3S3Bucket9CE6AB04,
Arn,
],
},
},
StringEquals: Object {
aws:SourceAccount: Object {
Ref: AWS::AccountId,
},
},
},
Effect: Allow,
Principal: Object {
Service: logging.s3.amazonaws.com,
},
Resource: Object {
Fn::Join: Array [
,
Array [
Object {
Fn::GetAtt: Array [
CloudFrontToS3S3LoggingBucketEF5CD8B2,
Arn,
],
},
/*,
],
],
},
},
],
Version: 2012-10-17,
},
Expand Down Expand Up @@ -1511,9 +1524,9 @@ Object {
S3Bucket: Object {
Fn::Sub: cdk-hnb659fds-assets-\${AWS::AccountId}-\${AWS::Region},
},
S3Key: 73d45459ae7abbe57b24ae45648c26887c578dbcc2c8001b8932715b29560f21.zip,
S3Key: 09e61b0d6b987f1e34c37dca7fac2021462b7b3bd89ecf3fcdc0eccdae4d6b4a.zip,
},
Description: Used to deploy custom resources and send AnonymousData,
Description: Used to deploy custom resources and send AnonymizedData,
Environment: Object {
Variables: Object {
SOLUTION_IDENTIFIER: AwsSolution/SO0013/%%VERSION%%,
Expand Down Expand Up @@ -1961,7 +1974,6 @@ Object {
},
},
Properties: Object {
AccessControl: LogDeliveryWrite,
BucketEncryption: Object {
ServerSideEncryptionConfiguration: Array [
Object {
Expand All @@ -1971,6 +1983,13 @@ Object {
},
],
},
OwnershipControls: Object {
Rules: Array [
Object {
ObjectOwnership: ObjectWriter,
},
],
},
PublicAccessBlockConfiguration: Object {
BlockPublicAcls: true,
BlockPublicPolicy: true,
Expand All @@ -1983,10 +2002,60 @@ Object {
Value: SO0013,
},
],
VersioningConfiguration: Object {
Status: Enabled,
},
},
Type: AWS::S3::Bucket,
UpdateReplacePolicy: Retain,
},
LogsBucketPolicyD70D9252: Object {
Properties: Object {
Bucket: Object {
Ref: LogsBucket9C4D8843,
},
PolicyDocument: Object {
Statement: Array [
Object {
Action: s3:*,
Condition: Object {
Bool: Object {
aws:SecureTransport: false,
},
},
Effect: Deny,
Principal: Object {
AWS: *,
},
Resource: Array [
Object {
Fn::GetAtt: Array [
LogsBucket9C4D8843,
Arn,
],
},
Object {
Fn::Join: Array [
,
Array [
Object {
Fn::GetAtt: Array [
LogsBucket9C4D8843,
Arn,
],
},
/*,
],
],
},
],
},
],
Version: 2012-10-17,
},
},
Type: AWS::S3::BucketPolicy,
},
MediaLiveChannel: Object {
DeletionPolicy: Delete,
Properties: Object {
Expand Down

0 comments on commit 6391b0b

Please sign in to comment.