Releases: cloudposse/geodesic
v3.0.0
🚀 Geodesic version 3 (#945)
Breaking Changes
Geodesic Version 3 is not about adding new features, it is about slimming down and removing support for outdated tools and workflows. Many have complained that the Geodesic Docker image is too big. Geodesic v3 is roughly half the size of the Geodesic v2.10.0. 🥳
As such, there are many breaking changes, but for most people, there should be little or no impact.
Major Changes
Alpine Discontinued
Geodesic was first released based on Alpine. With Version 2, we added a Debian-based version, and deprecated the Alpine version. Now, with Version 3, we are only publishing the Debian-based version.
Terraform replaced with OpenTofu
Previously, Geodesic shipped with the latest version of Terraform installed. Now Geodesic ships with OpenTofu installed instead. Using the Debian alternatives system, it is also installed as an alternative to Terraform, so it can be run as either tofu
or terraform
.
Unneeded Packages Removed
Recently we removed AWS CLI v1 and Google SDK from the base version of Geodesic. With Geodesic version 3, we are removing additional Debian packages that were not worth the space in the Docker image. For the most part, any of these tools can be added back using apt-get install
in your Dockerfile if you want them.
Removed Packages
- direnv
- fuse3
- goofys
- groff (note that
groff-base
is installed instead, so thegroff
command itself remains) - musl-dev
- pandoc
- python3 (see note below)
- terragrunt
- variant
- variant2
Note on Python3
The python3
Debian package installs a segregated Python in /usr/bin/python3
for use only by system packages. Significantly, this installation of Python uses dist-packages
instead of site-packages
to reference installed packages. Read more about this in Debian Python: Deviations from Upstream. We have not found it useful in Geodesic, so we no longer install it.
Geodesic continues to ship with a very recent version of Python installed for users in /usr/local/bin/python3
and using site-packages
, sourced from the official Python source distribution.
Removed Support for Obsolete Workflows and Tools
Geodesic is the tool Cloud Posse uses to support its customers in their workflows. As Cloud Posse's reference architecture and standard workflows have changed, a lot of the custom scripts and other support for the old workflows is no longer in use and has not been maintained. In version 3, the support is fully removed. Here is a representative list of support that has been removed, though it may not be fully complete.
- Many years ago, configurations were managed by a combination of Makefiles and
direnv
+envrc
(and our similartfenv
tool). All of that support has been removed, including customizations and addons tomake
and Makefiles in general. We no longer usemake
from within Geodesic. - Around the same time, we built Kubernetes clusters using
kops
and had extensive support for that. That has all been removed in favor of using AWS EKS to manage Kubernetes, and other solutions (such as AWS ECS) for managing workloads without using Kubernetes. - As part of this ancient system, we had customized enhancements in support of helmfile. That support has been removed. We now use our own tool, Atmos to do all that
helmfile
could do and so much more. - We have also removed support for using
make
to generate your own Makefile to build your own version of Geodesic. That mechanism was too customized forkops
and custom tooling we no longer support. We recommend instead that you useMakefile.custom
file as a template and fill in the blanks manually. - Related scripts like
build-kops-manifest
,deps
,kopsctl
, andhelmctl
have been removed. - All custom support for Atlantis has been removed. You may be able to use Atlantis under Geodesic v3, but Cloud Posse stopped using Atlantis several years ago and so we are no longer providing official support for it.
- Customized, built-in support for AWS authentication via Okta, aws-vault, and saml2aws has been dropped. We recommend managing authentication either via
aws sso
or Leapp, which provides support for integration with SAML IdP, AWS SSO, and other authentication mechanisms. (Note: Although Noovolari has announced the end of commercial support for Leapp Pro, Leapp started out as open source and we expect the open source version of Leapp to remain supported and one of the best cloud credential management tools available for the foreseeable future.) - Previously, we configured
XDG_CONFIG_HOME
(see the XDG Base Directory Specification for more details) to point to a directory in the Geodesic Docker image, so that we could store configuration supporting the above in that directory. With this initial release of Geodesic v3, we are starting to migrateXDG_*
to the Docker host's file system. If you setXDG_CONFIG_HOME
on your host, Geodesic will import that value for use from within Geodesic. (Moving Geodesic's own configuration toXDG_CONFIG_HOME
is planned to come at a later date, most likely in Geodesic v4.) Geodesic no longer pre-populates anything inXDG_CONFIG_HOME
. - Previously, Geodesic had support for mounting an AWS S3 bucket as a local file system. This was never terrifically robust, and was only used to support
kops
operations, so it has been entirely removed.
what
- Drop Alpine version of Geodesic
- Replace Terraform with OpenTofu
- Remove obsolete and underutilized packages, tools, scripts, and related support
why
- Alpine's incompatibilities with Linux are a continuing maintenance issue and not worth the relatively modest reduction in Docker image size given the volume of additional tools and support Geodesic adds.
- Hashicorp has changed Terraform's License and it is no longer compatible with Cloud Posse's mission. OpenTofu is intended to be a drop-in replacement for Terraform and is in much better alignment with Cloud Posse's values.
- Dramatically reduce the size of the Geodesic Docker image
- Reduce the maintenance issues that result from having complex features that neither Cloud Posse nor its customers use anymore.
v2.11.3
🚀 Enhancements
Fix colorized string in prompt @Nuru (#942)
what
- Fix colorized text added to prompt without delimiters for color codes by
aws.sh
why
- Bash counts the characters in the prompt to manage viewing and editing command history. Non-printing characters must be delimited so they are not counted in the prompt text length.
Every Release
In every release, we update all unpinned packages to their latest packaged versions.
On a regular basis (roughly weekly), on Alpine only, we update the AWS CLI v1 and its dependencies to the latest versions. Debian does not have AWS CLI v1 installed, only v2.
These changes are not detailed here.
v2.11.2
🏗️ Build/Release Maintenance
PR & Release management maintenance @Nuru (#940)
what
- Install font needed by
vhs-action
in a separate step - Label PRs that only affect the Alpine version as
alpine-only
- Exclude Apline-only PRs from release notes
- Add a standard catchall to every release note
why
- Work around broken
install-fonts
invhs-action
- Deprecate Alpine, focus release notes on Debian
- The AWS CLI v1 and
boto3
release notes are huge and yet not very informative - Packages are updated on every release, without those changes being documented, so let people know that
references
Every Release
In every release, we update all unpinned packages to their latest packaged versions.
On a regular basis (roughly weekly), on Alpine only, we update the AWS CLI v1 and its dependencies to the latest versions. Debian does not have AWS CLI v1 installed, only v2.
These changes are not detailed here.
v2.11.1
🚀 Enhancements
Dockerfile examples, Renovate config, color text bugfixes @Nuru (#939)
what
- Update Dockerfile examples
- Update Renovate config
- Update
vhs-action
GHA to v2 - Better support for non-terminals and monochrome terminals with respect to colorized output
why
- Closes #927
- Properly exclude Dockerfiles that should not be updated
- Update dependencies
- Resolve errors displayed when running VHS
🧰 Included Tools [Alpine only]
Update dependency cryptography to v42.0.7 @renovate (#938)
This PR contains the following updates:
Package | Change | Age | Adoption | Passing | Confidence |
---|---|---|---|---|---|
cryptography (changelog) | ==42.0.6 -> ==42.0.7 |
Release Notes
v2.11.0 OpenTofu, Minor Breaking Changes
💥 Breaking Changes
OpenTofu
OK, not a breaking change, but we are excited about it:
we have made it easy to install OpenTofu into
Geodesic. At the command line or in your Dockerfile, just run:
Debian:
# We recommend pinning the version to ensure reproducibility
apt-get update && apt-get install tofu=1.6.2
Alpine:
# At this point, it seems there is only one version of OpenTofu available
# for Alpine, and a new version would be in a different repository, and it
# might get in the way nof updating later, so we don't pin the version here.
apk update && apk add opentofu@opentofu
Google Cloud SDK no longer pre-installed
Previously we pre-installed the Google Cloud SDK in the base image. Recent
changes to the Google Cloud SDK have made it seem like there is no good
one-size-fits-all way to install it, and peopple who need it would be better
served by picking the version and extra packages they want and having control
over when they are upgraded. So we have removed the Google Cloud SDK from the
base image.
We have left the Google Cloud Package repository installed in Debian, so you
can install the Google Cloud CLI with:
apt-get update && apt-get install google-cloud-cli
For Alpine, we used to install the Google Cloud SDK like this, which may or may not work with the switch to Google Cloud CLI, but should give you a good starting point anyway:
Alpine Dockerfile installing Google Cloud SDK
FROM google/cloud-sdk:$GOOGLE_CLOUD_SDK_VERSION-alpine as google-cloud-sdk
FROM alpine:$ALPINE_VERSION
#...
#
# Install Google Cloud SDK
#
ENV CLOUDSDK_CONFIG=/localhost/.config/gcloud/
COPY --from=google-cloud-sdk /google-cloud-sdk/ /usr/local/google-cloud-sdk/
RUN ln -s /usr/local/google-cloud-sdk/completion.bash.inc /etc/bash_completion.d/gcloud.sh && \
ln -s /usr/local/google-cloud-sdk/bin/gcloud /usr/local/bin/ && \
ln -s /usr/local/google-cloud-sdk/bin/gsutil /usr/local/bin/ && \
ln -s /usr/local/google-cloud-sdk/bin/bq /usr/local/bin/
On both Debian and Alpine, we used to set some configuration options for the
Google Cloud SDK. If you want to set these options, you can do so in your
Dockerfile like this:
# gcloud config writes successful status updates to stderr, but we want to preserve
# stderr for real errors in need of action.
RUN { gcloud config set core/disable_usage_reporting true --installation && \
gcloud config set component_manager/disable_update_check true --installation && \
gcloud config set metrics/environment github_docker_image --installation; } 2>&1
AWS CLI v1 and Python requirements removed [Debain only]
We have removed the AWS CLI v1 and its Python requirements (including boto3
)
from the Debian Geodesic. CLI v2 has been the default for nearly 3 years, so
we expect this to impact few to no users. If you need the AWS CLI v1 on Debian,
you can install it with:
pip3 install awscli
On Alpine, we have never installed the AWS CLI v2, because it requires
glibc
, and we continue to install AWS CLI v1 as before.
🚀 Enhancements
Update Dependencies, add OpenTofu package repo @Nuru (#936)
Breaking Changes
- Google Cloud SDK is no longer pre-installed. The Google Cloud Debian package repository is installed, so you can install it into Debian with
apt-get
. - AWS CLI v1 is no longer installed in Debian. The CLI v2 has been the default for Debian Geodesic for almost 3 years, so this should impact many people, if any.
- Python dependencies of AWS CLI v2 (including
boto3
) are also no longer pre-installed on Debian.
what
All OSes
- Update repository default branch name
master
->main
- Google Cloud SDK is no longer installed
Debian only
- Update Debian 12.4 -> 12.5
- Update Python 3.12.2 -> 2.12.3
- Add OpenTofu Debian package repository
- Pin
kubectl
package to Cloud Posse repository over Google Cloud SDK repository
Alpine only
- Update
bindfs
on Alpine 1.17.6 -> 1.17.7 - Install Alpine v3.19
community
package repo as@opentofu
why
- Branch name: Conform to Cloud Posse and GitHub standards.
- The
google-cloud-sdk
package is deprecated in favor ofgoogle-cloud-cli
and additional packages. For example, the current version of the Google Cloud CLI is 474.0.0, but the latestgoogle-cloud-sdk
package version is 467.0.0. - Recent releases of Google Cloud SDK (474.0.0, 473.0.0, and 470.0.0) have had breaking changes, making it important that users have control over which version they use and when they change versions. There is no longer a single good choice of which version to install, so Cloud Posse does not want force one on anyone.
- Reduce size of distributed Docker image.
- Debian version, Debian Python version, Alpine BindFS version: Stay current.
- Enable OpenTofu to be installed easily:
- On Debian:
apt-get update && apt-get install tofu
(or ...tofu=1.6.2
) - On Alpine:
apk update && apk add opentofu@opentofu
- On Debian:
- Google Cloud SDK package repo has a package named
kubectl
that installs multiple versions ofkubectl
, causing excessive bloat. Cloud Posse'skubectl
package installs only the latest version, sufficient forkubectl-auto-select
to determine and install the correct version for your cluster. Cloud Posse provideskubectl-1.x
packages which take advantage of the Debian Alternatives system to allow both versions to be present but automatically select the more specific package's version to be used by default, but this feature is not compatible with Google's package.
references
- OpenTofu
- Google Cloud SDK v473.0.0 Release Notes
- Google Cloud SDK v474.0.0 Release Notes
- Google Cloud Community post referencing deprecation of
google-cloud-sdk
🧰 Included Tools [Alpine Only]
Update dependency cryptography to v42.0.6 @renovate (#937)
This PR contains the following updates:
Package | Change | Age | Adoption | Passing | Confidence |
---|---|---|---|---|---|
cryptography (changelog) | ==42.0.5 -> ==42.0.6 |
Release Notes
v2.10.1
🚀 Enhancements
You can now run update-terminal-mode dark
or update-terminal-mode light
to force the dark/light mode setting if auto-detection does not work.
Dark mode caching fix @Nuru (#934)
what
- Fix caching of terminal escape codes
- Update
update-terminal-mode
command to allow forcing a mode - rename internal
update_terraform_prompt
to_update_terraform_prompt
why
- Substantial performance improvement on every command line prompt
- Auto-detection is likely to be unavailable or wrong on some terminals
- Keep internal functions from showing up in command line completions
v2.10.0
🚀 Enhancements
Initial support for dark mode terminals @Nuru (#933)
notes
Dark mode
This release brings preliminary support for "dark mode" terminals, and a simplified option for a Terraform workspace prompt. If you find problems, please report them, but we expect the situation will at least be no worse than before.
Mainly, with respect to dark mode terminals, after setting a text color, we do not "revert" by setting the text to black, we now revert by setting foreground and background to terminal defaults.
Similarly, after setting text to bold, we no longer reset all graphics settings, we just unset bold. If this causes a problem in your terminal, you can revert the behavior by setting the environment variable TERM_BOLD_OFF=$(tput sgr0)
inside Geodesic.
Terraform workspace in prompt
Geodesic has a legacy option for displaying the current Terraform workspace when in a directory with *.tf
files. The prompts used to instruct you what to do if no workspace was selected, assuming you were using the old Cloud Posse tooling based on make
and direnv
. Those instructions have been removed, and you now have the option of just having the Terraform workspace displayed in the prompt.
Because all the prompt now does is indicate the current Terraform workspace, the environment variable GEODESIC_TERRAFORM_WORKSPACE_PROMPT_ENABLED
is no longer used (assumed to be true
). The Terraform information display in the prompt remains controlled by the GEODESIC_TF_PROMPT_ENABLED
environment variable, which defaults to false
.
what
- Initial support for "dark mode" terminals
- More generic Terraform workspace prompt, just shows active workspace
- Update scripts to keep them from polluting the environment with leftover variables
why
- In many cases, after setting a text color, Geodesic was "resetting" the text color by setting it to black. This fails in dark mode terminals, where the background is black and the text color should be changed to white instead.
- As a bonus, text that was previously yellow, which can be hard to read on light mode terminals, will now be rendered as magenta in light mode. Similarly, blue text (which Geodesic never used) will be rendered as cyan in dark mode, for improved visibility.
- Terraform's current workspace affects what Terraform does, but is not otherwise visible.
- Good hygiene, preemptively avoid conflicts.
v2.9.7
🧰 Included Tools
Update AWS CLI packages @renovate (#932)
This PR contains the following updates:
Package | Change | Age | Adoption | Passing | Confidence |
---|---|---|---|---|---|
awscli (source, changelog) | ==1.32.79 -> ==1.32.93 |
||||
boto3 | ==1.34.79 -> ==1.34.93 |
Release Notes
aws/aws-cli (awscli)
v1.32.93
=======
- api-change:
codepipeline
: Add ability to manually and automatically roll back a pipeline stage to a previously successful execution. - api-change:
cognito-idp
: Add LimitExceededException to SignUp errors - api-change:
connectcampaigns
: This release adds support for specifying if Answering Machine should wait for prompt sound. - api-change:
marketplace-entitlement
: Releasing minor endpoint updates. - api-change:
oam
: This release introduces support for Source Accounts to define which Metrics and Logs to share with the Monitoring Account - api-change:
rds
: SupportsLimitlessDatabase field added to describe-db-engine-versions to indicate whether the DB engine version supports Aurora Limitless Database. - api-change:
support
: Releasing minor endpoint updates. - enhancement:dependency: Bump upper bound of colorama to <0.4.7; fixes
#​7086 <https://github.com/aws/aws-cli/issues/7086>
__
v1.32.92
=======
- api-change:
appsync
: UpdateGraphQLAPI documentation update and datasource introspection secret arn update - api-change:
fms
: AWS Firewall Manager adds support for network ACL policies to manage Amazon Virtual Private Cloud (VPC) network access control lists (ACLs) for accounts in your organization. - api-change:
ivs
: Bug Fix: IVS does not support arns with thesvs
prefix - api-change:
ivs-realtime
: Bug Fix: IVS Real Time does not support ARNs using thesvs
prefix. - api-change:
rds
: Updates Amazon RDS documentation for setting local time zones for RDS for Db2 DB instances. - api-change:
stepfunctions
: Add new ValidateStateMachineDefinition operation, which performs syntax checking on the definition of a Amazon States Language (ASL) state machine.
v1.32.91
=======
- api-change:
datasync
: This change allows users to disable and enable the schedules associated with their tasks. - api-change:
ec2
: Launching capability for customers to enable or disable automatic assignment of public IPv4 addresses to their network interface - api-change:
emr-containers
: EMRonEKS Service support for SecurityConfiguration enforcement for Spark Jobs. - api-change:
entityresolution
: Support Batch Unique IDs Deletion. - api-change:
gamelift
: Amazon GameLift releases container fleets support for public preview. Deploy Linux-based containerized game server software for hosting on Amazon GameLift. - api-change:
ssm
: Add SSM DescribeInstanceProperties API to public AWS SDK.
v1.32.90
=======
- api-change:
bedrock
: This release introduces Model Evaluation and Guardrails for Amazon Bedrock. - api-change:
bedrock-agent
: Introducing the ability to create multiple data sources per knowledge base, specify S3 buckets as data sources from external accounts, and exposing levers to define the deletion behavior of the underlying vector store data. - api-change:
bedrock-agent-runtime
: This release introduces zero-setup file upload support for the RetrieveAndGenerate API. This allows you to chat with your data without setting up a Knowledge Base. - api-change:
bedrock-runtime
: This release introduces Guardrails for Amazon Bedrock. - api-change:
ce
: Added additional metadata that might be applicable to your reservation recommendations. - api-change:
ec2
: This release introduces EC2 AMI Deregistration Protection, a new AMI property that can be enabled by customers to protect an AMI against an unintended deregistration. This release also enables the AMI owners to view the AMI 'LastLaunchedTime' in DescribeImages API. - api-change:
pi
: Clarifies how aggregation works for GetResourceMetrics in the Performance Insights API. - api-change:
rds
: Fix the example ARN for ModifyActivityStreamRequest - api-change:
workspaces-web
: Added InstanceType and MaxConcurrentSessions parameters on CreatePortal and UpdatePortal Operations as well as the ability to read Customer Managed Key & Additional Encryption Context parameters on supported resources (Portal, BrowserSettings, UserSettings, IPAccessSettings)
v1.32.89
=======
- api-change:
bedrock-agent
: Releasing the support for simplified configuration and return of control - api-change:
bedrock-agent-runtime
: Releasing the support for simplified configuration and return of control - api-change:
payment-cryptography
: Adding support to TR-31/TR-34 exports for optional headers, allowing customers to add additional metadata (such as key version and KSN) when exporting keys from the service. - api-change:
redshift-serverless
: Updates description of schedule field for scheduled actions. - api-change:
route53profiles
: Route 53 Profiles allows you to apply a central DNS configuration across many VPCs regardless of account. - api-change:
sagemaker
: This release adds support for Real-Time Collaboration and Shared Space for JupyterLab App on SageMaker Studio. - api-change:
servicediscovery
: This release adds examples to several Cloud Map actions. - api-change:
transfer
: Adding new API to support remote directory listing using SFTP connector
v1.32.88
=======
- api-change:
glue
: Adding RowFilter in the response for GetUnfilteredTableMetadata API - api-change:
internetmonitor
: This update introduces the GetInternetEvent and ListInternetEvents APIs, which provide access to internet events displayed on the Amazon CloudWatch Internet Weather Map. - api-change:
personalize
: This releases auto training capability while creating a solution and automatically syncing latest solution versions when creating/updating a campaign
v1.32.87
=======
- api-change:
drs
: Outpost ARN added to Source Server and Recovery Instance - api-change:
emr-serverless
: This release adds the capability to publish detailed Spark engine metrics to Amazon Managed Service for Prometheus (AMP) for enhanced monitoring for Spark jobs. - api-change:
guardduty
: Added IPv6Address fields for local and remote IP addresses - api-change:
quicksight
: This release adds support for the Cross Sheet Filter and Control features, and support for warnings in asset imports for any permitted errors encountered during execution - api-change:
rolesanywhere
: This release introduces the PutAttributeMapping and DeleteAttributeMapping APIs. IAM Roles Anywhere now provides the capability to define a set of mapping rules, allowing customers to specify which data is extracted from their X.509 end-entity certificates. - api-change:
sagemaker
: Removed deprecated enum values and updated API documentation. - api-change:
workspaces
: Adds new APIs for managing and sharing WorkSpaces BYOL configuration across accounts.
v1.32.86
=======
- api-change:
ec2
: Documentation updates for Elastic Compute Cloud (EC2). - api-change:
qbusiness
: This release adds support for IAM Identity Center (IDC) as the identity gateway for Q Business. It also allows users to provide an explicit intent for Q Business to identify ...
v2.9.6
🧰 Included Tools
Update AWS CLI packages @renovate (#931)
This PR contains the following updates:
Package | Change | Age | Adoption | Passing | Confidence |
---|---|---|---|---|---|
awscli (source, changelog) | ==1.32.69 -> ==1.32.79 |
||||
boto3 | ==1.34.69 -> ==1.34.79 |
Release Notes
aws/aws-cli (awscli)
v1.32.79
=======
- api-change:
quicksight
: Adding IAMIdentityCenterInstanceArn parameter to CreateAccountSubscription - api-change:
resource-groups
: Added a new QueryErrorCode RESOURCE_TYPE_NOT_SUPPORTED that is returned by the ListGroupResources operation if the group query contains unsupported resource types. - api-change:
verifiedpermissions
: Adding BatchIsAuthorizedWithToken API which supports multiple authorization requests against a PolicyStore given a bearer token.
v1.32.78
=======
- api-change:
b2bi
: Adding support for X12 5010 HIPAA EDI version and associated transaction sets. - api-change:
cleanrooms
: Feature: New schemaStatusDetails field to the existing Schema object that displays a status on Schema API responses to show whether a schema is queryable or not. New BatchGetSchemaAnalysisRule API to retrieve multiple schemaAnalysisRules using a single API call. - api-change:
ec2
: Amazon EC2 G6 instances powered by NVIDIA L4 Tensor Core GPUs can be used for a wide range of graphics-intensive and machine learning use cases. Gr6 instances also feature NVIDIA L4 GPUs and can be used for graphics workloads with higher memory requirements. - api-change:
emr-containers
: This release adds support for integration with EKS AccessEntry APIs to enable automatic Cluster Access for EMR on EKS. - api-change:
ivs
: API update to include an SRT ingest endpoint and passphrase for all channels. - api-change:
verifiedpermissions
: Adds GroupConfiguration field to Identity Source API's
v1.32.77
=======
- api-change:
cleanroomsml
: The release includes a public SDK for AWS Clean Rooms ML APIs, making them globally available to developers worldwide. - api-change:
cloudformation
: This release would return a new field - PolicyAction in cloudformation's existed DescribeChangeSetResponse, showing actions we are going to apply on the physical resource (e.g., Delete, Retain) according to the user's template - api-change:
datazone
: This release supports the feature of dataQuality to enrich asset with dataQualityResult in Amazon DataZone. - api-change:
docdb
: This release adds Global Cluster Switchover capability which enables you to change your global cluster's primary AWS Region, the region that serves writes, while preserving the replication between all regions in the global cluster. - api-change:
groundstation
: This release adds visibilityStartTime and visibilityEndTime to DescribeContact and ListContacts responses. - api-change:
lambda
: Add Ruby 3.3 (ruby3.3) support to AWS Lambda - api-change:
medialive
: Cmaf Ingest outputs are now supported in Media Live - api-change:
medical-imaging
: SearchImageSets API now supports following enhancements - Additional support for searching on UpdatedAt and SeriesInstanceUID - Support for searching existing filters between dates/times - Support for sorting the search result by Ascending/Descending - Additional parameters returned in the response - api-change:
transfer
: Add ability to specify Security Policies for SFTP Connectors
v1.32.76
=======
- api-change:
ecs
: Documentation only update for Amazon ECS. - api-change:
glue
: Adding View related fields to responses of read-only Table APIs. - api-change:
ivschat
: Doc-only update. Changed "Resources" to "Key Concepts" in docs and updated text. - api-change:
rolesanywhere
: This release increases the limit on the roleArns request parameter for the *Profile APIs that support it. This parameter can now take up to 250 role ARNs. - api-change:
securityhub
: Documentation updates for AWS Security Hub
v1.32.75
=======
- api-change:
cloudwatch
: This release adds support for CloudWatch Anomaly Detection on cross-account metrics. SingleMetricAnomalyDetector and MetricDataQuery inputs to Anomaly Detection APIs now take an optional AccountId field. - api-change:
datazone
: This release supports the feature of AI recommendations for descriptions to enrich the business data catalog in Amazon DataZone. - api-change:
deadline
: AWS Deadline Cloud is a new fully managed service that helps customers set up, deploy, and scale rendering projects in minutes, so they can improve the efficiency of their rendering pipelines and take on more projects. - api-change:
emr
: This release fixes a broken link in the documentation. - api-change:
lightsail
: This release adds support to upgrade the TLS version of the distribution.
v1.32.74
=======
- api-change:
b2bi
: Supporting new EDI X12 transaction sets for X12 versions 4010, 4030, and 5010. - api-change:
codebuild
: Add new fleet status code for Reserved Capacity. - api-change:
codeconnections
: Duplicating the CodeStar Connections service into the new, rebranded AWS CodeConnections service. - api-change:
internetmonitor
: This release adds support to allow customers to track cross account monitors through ListMonitor, GetMonitor, ListHealthEvents, GetHealthEvent, StartQuery APIs. - api-change:
iotwireless
: Add support for retrieving key historical and live metrics for LoRaWAN devices and gateways - api-change:
marketplace-catalog
: This release enhances the ListEntities API to support ResaleAuthorizationId filter and sort for OfferEntity in the request and the addition of a ResaleAuthorizationId field in the response of OfferSummary. - api-change:
neptune-graph
: Add the new API Start-Import-Task for Amazon Neptune Analytics. - api-change:
sagemaker
: This release adds support for custom images for the CodeEditor App on SageMaker Studio - enhancement:
s3
: Add parameter to validate source and destination S3 URIs to themv
command.
v1.32.73
=======
- api-change:
codecatalyst
: This release adds support for understanding pending changes to subscriptions by including two new response parameters for the GetSubscription API for Amazon CodeCatalyst. - api-change:
compute-optimizer
: This release enables AWS Compute Optimizer to analyze and generate recommendations with a new customization preference, Memory Utilization. - api-change:
ec2
: Amazon EC2 C7gd, M7gd and R7gd metal instances with up to 3.8 TB of local NVMe-based SSD block-level storage have up to 45% improved real-time NVMe storage performance than comparable Graviton2-based instances. - api-change:
eks
: Add multiple customer error code to handle customer caused failure when managing EKS node groups - api-change:
guardduty
: Add EC2 support for GuardDuty Runtime Monitoring auto management. - api-change:
neptune-graph
: Update ImportTaskCancelled waiter to evaluate task state correctly and minor documentation changes. - api-change:
oam
: This release adds support for sharing AWS::InternetMonitor::Monitor resources. - api-change:
quicksight
: Amazon QuickSight: Adds support for setting up VPC Endpoint restrictions for accessing QuickSight Website.
v1.32.72
=======
- api-change:
batch
: This feature allows AWS Batch to supp...
v2.9.5
🧰 Included Tools
Update AWS CLI packages @renovate (#930)
This PR contains the following updates:
Package | Change | Age | Adoption | Passing | Confidence |
---|---|---|---|---|---|
awscli (source, changelog) | ==1.32.54 -> ==1.32.69 |
||||
boto3 | ==1.34.54 -> ==1.34.69 |
Release Notes
aws/aws-cli (awscli)
v1.32.69
=======
- api-change:
firehose
: Updates Amazon Firehose documentation for message regarding Enforcing Tags IAM Policy. - api-change:
kendra
: Documentation update, March 2024. Corrects some docs for Amazon Kendra. - api-change:
pricing
: Add ResourceNotFoundException to ListPriceLists and GetPriceListFileUrl APIs - api-change:
rolesanywhere
: This release relaxes constraints on the durationSeconds request parameter for the *Profile APIs that support it. This parameter can now take on values that go up to 43200. - api-change:
securityhub
: Added new resource detail object to ASFF, including resource for LastKnownExploitAt
v1.32.68
=======
- api-change:
codeartifact
: This release adds Package groups to CodeArtifact so you can more conveniently configure package origin controls for multiple packages.
v1.32.67
=======
- api-change:
accessanalyzer
: This release adds support for policy validation and external access findings for DynamoDB tables and streams. IAM Access Analyzer helps you author functional and secure resource-based policies and identify cross-account access. Updated service API, documentation, and paginators. - api-change:
codebuild
: This release adds support for new webhook events (RELEASED and PRERELEASED) and filter types (TAG_NAME and RELEASE_NAME). - api-change:
connect
: This release updates the *InstanceStorageConfig APIs to support a new ResourceType: REAL_TIME_CONTACT_ANALYSIS_CHAT_SEGMENTS. Use this resource type to enable streaming for real-time analysis of chat contacts and to associate a Kinesis stream where real-time analysis chat segments will be published. - api-change:
dynamodb
: This release introduces 3 new APIs ('GetResourcePolicy', 'PutResourcePolicy' and 'DeleteResourcePolicy') and modifies the existing 'CreateTable' API for the resource-based policy support. It also modifies several APIs to accept a 'TableArn' for the 'TableName' parameter. - api-change:
managedblockchain-query
: AMB Query: update GetTransaction to include transactionId as input - api-change:
savingsplans
: Introducing the Savings Plans Return feature enabling customers to return their Savings Plans within 7 days of purchase.
v1.32.66
=======
- api-change:
cloudformation
: Documentation update, March 2024. Corrects some formatting. - api-change:
ec2
: This release adds the new DescribeMacHosts API operation for getting information about EC2 Mac Dedicated Hosts. Users can now see the latest macOS versions that their underlying Apple Mac can support without needing to be updated. - api-change:
finspace
: Adding new attributes readWrite and onDemand to dataview models for Database Maintenance operations. - api-change:
logs
: Update LogSamples field in Anomaly model to be a list of LogEvent - api-change:
managedblockchain-query
: Introduces a new API for Amazon Managed Blockchain Query: ListFilteredTransactionEvents.
v1.32.65
=======
- api-change:
cloudformation
: This release supports for a new API ListStackSetAutoDeploymentTargets, which provider auto-deployment configuration as a describable resource. Customers can now view the specific combinations of regions and OUs that are being auto-deployed. - api-change:
kms
: Adds the ability to use the default policy name by omitting the policyName parameter in calls to PutKeyPolicy and GetKeyPolicy - api-change:
mediatailor
: This release adds support to allow customers to show different content within a channel depending on metadata associated with the viewer. - api-change:
rds
: This release launches the ModifyIntegration API and support for data filtering for zero-ETL Integrations. - api-change:
s3
: Fix two issues with response root node names. - api-change:
timestream-query
: Documentation updates, March 2024
v1.32.64
=======
- api-change:
backup
: This release introduces a boolean attribute ManagedByAWSBackupOnly as part of ListRecoveryPointsByResource api to filter the recovery points based on ownership. This attribute can be used to filter out the recovery points protected by AWSBackup. - api-change:
codebuild
: AWS CodeBuild now supports overflow behavior on Reserved Capacity. - api-change:
connect
: This release adds Hierarchy based Access Control fields to Security Profile public APIs and adds support for UserAttributeFilter to SearchUsers API. - api-change:
ec2
: Add media accelerator and neuron device information on the describe instance types API. - api-change:
kinesisanalyticsv2
: Support for Flink 1.18 in Managed Service for Apache Flink - api-change:
s3
: Documentation updates for Amazon S3. - api-change:
sagemaker
: Adds m6i, m6id, m7i, c6i, c6id, c7i, r6i r6id, r7i, p5 instance type support to Sagemaker Notebook Instances and miscellaneous wording fixes for previous Sagemaker documentation. - api-change:
workspaces-thin-client
: Removed unused parameter kmsKeyArn from UpdateDeviceRequest
v1.32.63
=======
- api-change:
amplify
: Documentation updates for Amplify. Identifies the APIs available only to apps created using Amplify Gen 1. - api-change:
ec2-instance-connect
: This release includes a new exception type "SerialConsoleSessionUnsupportedException" for SendSerialConsoleSSHPublicKey API. - api-change:
elbv2
: This release allows you to configure HTTP client keep-alive duration for communication between clients and Application Load Balancers. - api-change:
fis
: This release adds support for previewing target resources before running a FIS experiment. It also adds resource ARNs for actions, experiments, and experiment templates to API responses. - api-change:
rds
: Updates Amazon RDS documentation for EBCDIC collation for RDS for Db2. - api-change:
secretsmanager
: Doc only update for Secrets Manager - api-change:
timestream-influxdb
: This is the initial SDK release for Amazon Timestream for InfluxDB. Amazon Timestream for InfluxDB is a new time-series database engine that makes it easy for application developers and DevOps teams to run InfluxDB databases on AWS for near real-time time-series applications using open source APIs.
v1.32.62
=======
- api-change:
ivs-realtime
: adds support for multiple new composition layout configuration options (grid, pip) - api-change:
kinesisanalyticsv2
: Support new RuntimeEnvironmentUpdate parameter within UpdateApplication API allowing callers to change the Flink version upon which their application runs. - api-change:
s3
: This release makes the default option for S3 on Outposts request signing to use the SigV4A algorithm when using AWS Common Runtime (CRT).
v1.32.61
=======
- api-change:
cloudformation
: CloudFormation documentation update for March, 2024 - api-change:
connect
: This release increases MaxResults limit to ...