diff --git a/CHANGELOG.md b/CHANGELOG.md index 896854e..077883b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,18 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). +## [3.1.0] - 2021-11-12 +### Changed +- Added additional permissions for AWS MediaLive IAM Policy. Now has CloudWatch, MediaConnect, and MediaStore access. +- Changed case of IAM policy (https://github.com/aws-solutions/live-stream-on-aws/pull/19) + +### Updated +- Axios update to 0.21.2 +- Tmpl update to 1.0.5 + +### Fixed +- Add new Permissions to the CloudFormation template that will allow customers to add tags on EML resources. + ## [3.0.0] - 2020-8-5 ### Changed - The AWS MediaLive default CloudFormation parameter for channel start has been changed to false. diff --git a/deployment/live-streaming-on-aws.yaml b/deployment/live-streaming-on-aws.yaml index 3825c03..d06f036 100644 --- a/deployment/live-streaming-on-aws.yaml +++ b/deployment/live-streaming-on-aws.yaml @@ -207,7 +207,8 @@ Resources: - medialive:DeleteInputSecurityGroup - medialive:DescribeChannel - medialive:StartChannel - - medialive:TagResource + - medialive:CreateTags + - medialive:DeleteTags Resource: - !Join ["", ["arn:aws:medialive:", Ref: "AWS::Region", ":", Ref: "AWS::AccountId", ":*"]] - @@ -258,21 +259,53 @@ Resources: PolicyName: !Sub "${AWS::StackName}-mediatranscode-role" PolicyDocument: Statement: - - + - + Effect: Allow + Action: + - mediastore:ListContainers + - mediastore:PutObject + - mediastore:GetObject + - mediastore:DeleteObject + - mediastore:DescribeObject + Resource: + - !Join ["", ["arn:aws:mediastore:", Ref: "AWS::Region", ":", Ref: "AWS::AccountId", ":*"]] + - + Effect: Allow + Action: + - logs:CreateLogGroup + - logs:CreateLogStream + - logs:PutLogEvents + - logs:DescribeLogStreams + - logs:DescribeLogGroups + Resource: arn:aws:logs:*:*:* + - Effect: Allow Action: - - mediaconnect:ManagedDescribeFlow - - mediaconnect:ManagedAddOutput - - mediaconnect:ManagedRemoveOutput + - mediaconnect:ManagedDescribeFlow + - mediaconnect:ManagedAddOutput + - mediaconnect:ManagedRemoveOutput Resource: - !Join ["", ["arn:aws:mediaconnect:", Ref: "AWS::Region", ":", Ref: "AWS::AccountId", ":*"]] - - + - Effect: Allow Action: - - mediapackage:DescribeChannel + - ec2:describeSubnets + - ec2:describeNetworkInterfaces + - ec2:createNetworkInterface + - ec2:createNetworkInterfacePermission + - ec2:deleteNetworkInterface + - ec2:deleteNetworkInterfacePermission + - ec2:describeSecurityGroups + Resource: + - !Join ["", ["arn:aws:ec2:", Ref: "AWS::Region", ":", Ref: "AWS::AccountId", ":*"]] + - + Effect: Allow + Action: + - mediapackage:DescribeChannel Resource: - !Join ["", ["arn:aws:mediapackage:", Ref: "AWS::Region", ":", Ref: "AWS::AccountId", ":channels/*"]] + MediaPackageRole: Type: AWS::IAM::Role Properties: @@ -705,4 +738,4 @@ Outputs: LogsBucket: Description: Logs bucket - Value: !Ref LogsBucket + Value: !Ref LogsBucket \ No newline at end of file diff --git a/source/console/package-lock.json b/source/console/package-lock.json index 54e9d5a..319157a 100644 --- a/source/console/package-lock.json +++ b/source/console/package-lock.json @@ -14129,9 +14129,9 @@ "integrity": "sha1-QFQRqOfmM5/mTbmiNN4R3DHgK9Q=" }, "tmpl": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", - "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==" + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", + "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==" }, "to-arraybuffer": { "version": "1.0.1", diff --git a/source/custom-resource/package-lock.json b/source/custom-resource/package-lock.json index 31ac329..749d19b 100644 --- a/source/custom-resource/package-lock.json +++ b/source/custom-resource/package-lock.json @@ -144,12 +144,12 @@ } }, "axios": { - "version": "0.21.2", - "resolved": "https://registry.npmjs.org/axios/-/axios-0.21.2.tgz", - "integrity": "sha512-87otirqUw3e8CzHTMO+/9kh/FSgXt/eVDvipijwDtEuwbkySWZ9SBm6VEubmJ/kLKEoLQV/POhxXFb66bfekfg==", - "requires": { - "follow-redirects": "^1.14.0" - } + "version": "0.21.2", + "resolved": "https://registry.npmjs.org/axios/-/axios-0.21.2.tgz", + "integrity": "sha512-87otirqUw3e8CzHTMO+/9kh/FSgXt/eVDvipijwDtEuwbkySWZ9SBm6VEubmJ/kLKEoLQV/POhxXFb66bfekfg==", + "requires": { + "follow-redirects": "^1.14.0" + } }, "axios-mock-adapter": { "version": "1.18.2", @@ -493,9 +493,9 @@ } }, "follow-redirects": { - "version": "1.14.3", - "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.14.3.tgz", - "integrity": "sha512-3MkHxknWMUtb23apkgz/83fDoe+y+qr0TdgacGIA7bew+QLBo3vdgEN2xEsuXNivpFy4CyDhBBZnNZOtalmenw==" + "version": "1.13.1", + "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.13.1.tgz", + "integrity": "sha512-SSG5xmZh1mkPGyKzjZP8zLjltIfpW32Y5QpdNJyjcfGxK3qo3NDDkZOZSFiGn1A6SclQxY9GzEwAHQ3dmYRWpg==" }, "fs.realpath": { "version": "1.0.0",