Releases: cloudposse/geodesic
Releases · cloudposse/geodesic
v2.1.3
🧰 Included Tools
Update AWS CLI packages @renovate (#845)
This PR contains the following updates:
| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| awscli (source, changelog) | ==1.27.114 -> ==1.27.118 |
||||
| boto3 | ==1.26.114 -> ==1.26.118 |
Release Notes
aws/aws-cli
v1.27.118
========
- api-change:
connect: This release adds a new API CreateParticipant. For Amazon Connect Chat, you can use this new API to customize chat flow experiences. - api-change:
ecs: Documentation update to address various Amazon ECS tickets. - api-change:
fms: AWS Firewall Manager adds support for multiple administrators. You can now delegate more than one administrator per organization.
v1.27.117
========
- api-change:
chime-sdk-media-pipelines: This release adds support for specifying the recording file format in an S3 recording sink configuration. - api-change:
chime-sdk-meetings: Adds support for Hindi and Thai languages and additional Amazon Transcribe parameters to the StartMeetingTranscription API. - api-change:
chime: Adds support for Hindi and Thai languages and additional Amazon Transcribe parameters to the StartMeetingTranscription API. - api-change:
gamelift: Amazon GameLift supports creating Builds for Windows 2016 operating system. - api-change:
guardduty: This release adds support for the new Lambda Protection feature. - api-change:
iot: Support additional OTA states in GetOTAUpdate API - api-change:
sagemaker: Amazon SageMaker Canvas adds ModelRegisterSettings support for CanvasAppSettings. - api-change:
snowball: Adds support for Amazon S3 compatible storage. AWS Snow Family customers can now use Amazon S3 compatible storage on Snowball Edge devices. Also adds support for V3_5S. This is a refreshed AWS Snowball Edge Storage Optimized device type with 210TB SSD (customer usable). - api-change:
wafv2: You can now create encrypted API keys to use in a client application integration of the JavaScript CAPTCHA API . You can also retrieve a list of your API keys and the JavaScript application integration URL.
v1.27.116
========
- bugfix:Output: Consistently remove ResponseMetadata field for all commands (
#​7829 <https://github.com/aws/aws-cli/pull/7829>__) - api-change:
comprehend: This release supports native document models for custom classification, in addition to plain-text models. You train native document models using documents (PDF, Word, images) in their native format. - api-change:
ecs: This release supports the Account Setting "TagResourceAuthorization" that allows for enhanced Tagging security controls. - api-change:
ram: This release adds support for customer managed permissions. Customer managed permissions enable customers to author and manage tailored permissions for resources shared using RAM. - api-change:
rds: Adds support for the ImageId parameter of CreateCustomDBEngineVersion to RDS Custom for Oracle - api-change:
s3: Provides support for "Snow" Storage class. - api-change:
s3control: Provides support for overriding endpoint when region is "snow". This will enable bucket APIs for Amazon S3 Compatible storage on Snow Family devices. - api-change:
secretsmanager: Documentation updates for Secrets Manager
v1.27.115
========
- api-change:
appflow: This release adds a Client Token parameter to the following AppFlow APIs: Create/Update Connector Profile, Create/Update Flow, Start Flow, Register Connector, Update Connector Registration. The Client Token parameter allows idempotent operations for these APIs. - api-change:
drs: Changed existing APIs and added new APIs to support using an account-level launch configuration template with AWS Elastic Disaster Recovery. - api-change:
dynamodb: Documentation updates for DynamoDB API - api-change:
emr-serverless: The GetJobRun API has been updated to include the job's billed resource utilization. This utilization shows the aggregate vCPU, memory and storage that AWS has billed for the job run. The billed resources include a 1-minute minimum usage for workers, plus additional storage over 20 GB per worker. - api-change:
internetmonitor: This release includes a new configurable value, TrafficPercentageToMonitor, which allows users to adjust the amount of traffic monitored by percentage - api-change:
iotwireless: Supports the new feature of LoRaWAN roaming, allows to configure MaxEirp for LoRaWAN gateway, and allows to configure PingSlotPeriod for LoRaWAN multicast group - api-change:
lambda: Add Python 3.10 (python3.10) support to AWS Lambda
boto/boto3
v1.26.118
========
- api-change:
connect: [botocore] This release adds a new API CreateParticipant. For Amazon Connect Chat, you can use this new API to customize chat flow experiences. - api-change:
ecs: [botocore] Documentation update to address various Amazon ECS tickets. - api-change:
fms: [botocore] AWS Firewall Manager adds support for multiple administrators. You can now delegate more than one administrator per organization.
v1.26.117
========
- api-change:
chime-sdk-media-pipelines: [botocore] This release adds support for specifying the recording file format in an S3 recording sink configuration. - api-change:
chime-sdk-meetings: [botocore] Adds support for Hindi and Thai languages and additional Amazon Transcribe parameters to the StartMeetingTranscription API. - api-change:
chime: [botocore] Adds support for Hindi and Thai languages and additional Amazon Transcribe parameters to the StartMeetingTranscription API. - api-change:
gamelift: [botocore] Amazon GameLift supports creating Builds for Windows 2016 operating system. - api-change:
guardduty: [botocore] This release adds support for the new Lambda Protection feature. - api-change:
iot: [botocore] Support additional OTA states in GetOTAUpdate API - api-change:
sagemaker: [botocore] Amazon SageMaker Canvas adds ModelRegisterSettings support for CanvasAppSettings. - api-change:
snowball: [botocore] Adds support for Amazon S3 compatible storage. AWS Snow Family customers can now use Amazon S3 compatible storage on Snowball Edge devices. Also adds support for V3_5S. This is a refreshed AWS Snowball Edge Storage Optimized device type with 210TB SSD (customer usable). - api-change:
wafv2: [botocore] You can now create encrypted API keys to use in a client application integration of the JavaScript CAPTCHA API . You can also retrieve a list of your API keys and the JavaScript application integration URL.
v1.26.116
========
- api-change:
comprehend: [botocore] This release supports native document models for custom classification, in addition to plain-text models. You train native document models using documents (PDF, Word, images) in their native format. - api-change:
ecs: [botocore] This release supports the Account Setting "TagResourceAuthorization" that allows for enhanced Tagging security controls. - api-change:
ram: [botocore] This release adds support for customer managed permissions. Customer managed permissions enable customers to author and manage tailored permissions for resources shared using RAM. - api-change:
rds: [botocore] Adds support for the ImageId parameter of CreateCustomDBEngine...
Contributors
renovate
Assets 2
v2.1.2
🧰 Included Tools
Update dependency cryptography to v40.0.2 @renovate (#844)
This PR contains the following updates:
| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| cryptography (changelog) | ==40.0.1 -> ==40.0.2 |
Release Notes
Update AWS CLI packages @renovate (#843)
This PR contains the following updates:
| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| awscli (source, changelog) | ==1.27.105 -> ==1.27.109 |
||||
| boto3 | ==1.26.105 -> ==1.26.109 |
Release Notes
aws/aws-cli
v1.27.109
========
- api-change:
dlm: Updated timestamp format for GetLifecyclePolicy API - api-change:
docdb: This release adds a new parameter 'DBClusterParameterGroupName' to 'RestoreDBClusterFromSnapshot' API to associate the name of the DB cluster parameter group while performing restore. - api-change:
fsx: Amazon FSx for Lustre now supports creating data repository associations on Persistent_1 and Scratch_2 file systems. - api-change:
lambda: This release adds a new Lambda InvokeWithResponseStream API to support streaming Lambda function responses. The release also adds a new InvokeMode parameter to Function Url APIs to control whether the response will be streamed or buffered. - api-change:
quicksight: This release has two changes: adding the OR condition to tag-based RLS rules in CreateDataSet and UpdateDataSet; adding RefreshSchedule and Incremental RefreshProperties operations for users to programmatically configure SPICE dataset ingestions. - api-change:
redshift-data: Update documentation of API descriptions as needed in support of temporary credentials with IAM identity. - api-change:
servicecatalog: Updates description for property
v1.27.108
========
- api-change:
cloudformation: Including UPDATE_COMPLETE as a failed status for DeleteStack waiter. - api-change:
greengrassv2: Add support for SUCCEEDED value in coreDeviceExecutionStatus field. Documentation updates for Greengrass V2. - api-change:
proton: This release adds support for the AWS Proton service sync feature. Service sync enables managing an AWS Proton service (creating and updating instances) and all of it's corresponding service instances from a Git repository. - api-change:
rds: Adds and updates the SDK examples
v1.27.107
========
- bugfix:eks: Fix eks kubeconfig validations closes
#​6564 <https://github.com/aws/aws-cli/issues/6564>, fixes#​4843 <https://github.com/aws/aws-cli/issues/4843>, fixes#​5532 <https://github.com/aws/aws-cli/issues/5532>__ - api-change:
apprunner: App Runner adds support for seven new vCPU and memory configurations. - api-change:
config: This release adds resourceType enums for types released in March 2023. - api-change:
ecs: This is a document only updated to add information about Amazon Elastic Inference (EI). - api-change:
identitystore: Documentation updates for Identity Store CLI command reference. - api-change:
ivs-realtime: Fix ParticipantToken ExpirationTime format - api-change:
network-firewall: AWS Network Firewall now supports IPv6-only subnets. - api-change:
servicecatalog: removed incorrect product type value - api-change:
vpc-lattice: This release removes the entities in the API doc model package for auth policies.
v1.27.106
========
- api-change:
amplifyuibuilder: Support StorageField and custom displays for data-bound options in form builder. Support non-string operands for predicates in collections. Support choosing client to get token from. - api-change:
autoscaling: Documentation updates for Amazon EC2 Auto Scaling - api-change:
dataexchange: This release updates the value of MaxResults. - api-change:
ec2: C6in, M6in, M6idn, R6in and R6idn bare metal instances are powered by 3rd Generation Intel Xeon Scalable processors and offer up to 200 Gbps of network bandwidth. - api-change:
elastic-inference: Updated public documentation for the Describe and Tagging APIs. - api-change:
sagemaker-runtime: Update sagemaker-runtime command to latest version - api-change:
sagemaker: Amazon SageMaker Asynchronous Inference now allows customer's to receive failure model responses in S3 and receive success/failure model responses in SNS notifications. - api-change:
wafv2: This release rolls back association config feature for webACLs that protect CloudFront protections.
boto/boto3
v1.26.109
========
- api-change:
dlm: [botocore] Updated timestamp format for GetLifecyclePolicy API - api-change:
docdb: [botocore] This release adds a new parameter 'DBClusterParameterGroupName' to 'RestoreDBClusterFromSnapshot' API to associate the name of the DB cluster parameter group while performing restore. - api-change:
fsx: [botocore] Amazon FSx for Lustre now supports creating data repository associations on Persistent_1 and Scratch_2 file systems. - api-change:
lambda: [botocore] This release adds a new Lambda InvokeWithResponseStream API to support streaming Lambda function responses. The release also adds a new InvokeMode parameter to Function Url APIs to control whether the response will be streamed or buffered. - api-change:
quicksight: [botocore] This release has two changes: adding the OR condition to tag-based RLS rules in CreateDataSet and UpdateDataSet; adding RefreshSchedule and Incremental RefreshProperties operations for users to programmatically configure SPICE dataset ingestions. - api-change:
redshift-data: [botocore] Update documentation of API descriptions as needed in support of temporary credentials with IAM identity. - api-change:
servicecatalog: [botocore] Updates description for property
v1.26.108
========
- api-change:
cloudformation: [botocore] Including UPDATE_COMPLETE as a failed status for DeleteStack waiter. - api-change:
greengrassv2: [botocore] Add support for SUCCEEDED value in coreDeviceExecutionStatus field. Documentation updates for Greengrass V2. - api-change:
proton: [botocore] This release adds support for the AWS Proton service sync feature. Service sync enables managing an AWS Proton service (creating and updating instances) and all of it's corresponding service instances from a Git repository. - api-cha...
Contributors
renovate
Assets 2
v2.1.1
🏗️ Build/Release Maintenance
Publish "latest" image to Docker hub @Nuru (#842)
what & why
Since Geodesic v1.8.0 we have published Docker images to public.ecr.aws/cloudposse/geodesic as well as Docker hub cloudposse/geodesic. However, due to a bug in our script, the latest tag was only being pushed to public.ecr.aws and Docker hub latest was stuck at 1.7.0-alpine.
When Geodesic v2.0.0 was released, we started tagging the Debian image as latest instead of the Alpine image, but due to the above bug, that only affected the public.ecr.aws repo, not the Docker hub rep. With this release, we restore updates of the latest tag to Docker hub, and consequently shift latest from Alpine to Debian there, too.
references
Contributors
Nuru
Assets 2
v2.1.0
🚀 Enhancements
- Install stubs for tools missing
arm64support @Nuru (#841)- Note that in Geodesic 2.0.0 the
amd64version ofgoofyswas installed in thearm64Debian image. In this version, it is replaced with a stub explaining it is not supported onarm64. - Tools that were removed from Geodesic 2.0.0 for lack of multi-architecture support have been restored in the
amd64builds, and replaced with stubs in thearm64build. The stubs help to explain why scripts depending on those tools might fail, but it interferes with usingcommand -vto see if the tools are installed. In a future release we will probably remove all the tools and stubs, and the scripts that depend on them,, but invite community feedback in our Slack channel.
- Note that in Geodesic 2.0.0 the
🧰 Included Tools
- Update AWS CLI packages @renovate (#838)
- Update dependency cryptography to v40 @renovate (#839)
- Update alpine Docker tag to v3.17.3 @renovate (#840)
🧰 Included Tools (details)
Update AWS CLI packages @renovate (#838)
This PR contains the following updates:
| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| awscli (source, changelog) | ==1.27.92 -> ==1.27.100 |
||||
| boto3 | ==1.26.92 -> ==1.26.100 |
Release Notes
aws/aws-cli
v1.27.100
========
- api-change:
athena: Enforces a minimal level of encryption for the workgroup for query and calculation results that are written to Amazon S3. When enabled, workgroup users can set encryption only to the minimum level set by the administrator or higher when they submit queries. - api-change:
chime-sdk-voice: Documentation updates for Amazon Chime SDK Voice. - api-change:
connect: This release introduces support for RelatedContactId in the StartChatContact API. Interactive message and interactive message response have been added to the list of supported message content types for this API as well. - api-change:
connectparticipant: This release provides an update to the SendMessage API to handle interactive message response content-types. - api-change:
iotwireless: Introducing new APIs that enable Sidewalk devices to communicate with AWS IoT Core through Sidewalk gateways. This will empower AWS customers to connect Sidewalk devices with other AWS IoT Services, creating possibilities for seamless integration and advanced device management. - api-change:
medialive: AWS Elemental MediaLive now supports ID3 tag insertion for audio only HLS output groups. AWS Elemental Link devices now support tagging. - api-change:
sagemaker: Fixed some improperly rendered links in SDK documentation. - api-change:
securityhub: Added new resource detail objects to ASFF, including resources for AwsEksCluster, AWSS3Bucket, AwsEc2RouteTable and AwsEC2Instance. - api-change:
servicecatalog-appregistry: In this release, we started supporting ARN in applicationSpecifier and attributeGroupSpecifier. GetAttributeGroup, ListAttributeGroups and ListAttributeGroupsForApplication APIs will now have CreatedBy field in the response. - api-change:
voice-id: Amazon Connect Voice ID now supports multiple fraudster watchlists. Every domain has a default watchlist where all existing fraudsters are placed by default. Custom watchlists may now be created, managed, and evaluated against for known fraudster detection.
v1.27.99
=======
- api-change:
cloudwatch: Update cloudwatch command to latest version - api-change:
comprehend: This release adds a new field (FlywheelArn) to the EntitiesDetectionJobProperties object. The FlywheelArn field is returned in the DescribeEntitiesDetectionJob and ListEntitiesDetectionJobs responses when the EntitiesDetection job is started with a FlywheelArn instead of an EntityRecognizerArn . - api-change:
rds: Added error code CreateCustomDBEngineVersionFault for when the create custom engine version for Custom engines fails.
v1.27.98
=======
- enhancement:eks: Add user-alias argument to update-kubeconfig command. Implements
#​5164 <https://github.com/aws/aws-cli/issues/5164>__ - api-change:
batch: This feature allows Batch to support configuration of ephemeral storage size for jobs running on FARGATE - api-change:
chime-sdk-identity: AppInstanceBots can be used to add a bot powered by Amazon Lex to chat channels. ExpirationSettings provides automatic resource deletion for AppInstanceUsers. - api-change:
chime-sdk-media-pipelines: This release adds Amazon Chime SDK call analytics. Call analytics include voice analytics, which provides speaker search and voice tone analysis. These capabilities can be used with Amazon Transcribe and Transcribe Call Analytics to generate machine-learning-powered insights from real-time audio. - api-change:
chime-sdk-messaging: ExpirationSettings provides automatic resource deletion for Channels. - api-change:
chime-sdk-voice: This release adds Amazon Chime SDK call analytics. Call analytics include voice analytics, which provides speaker search and voice tone analysis. These capabilities can be used with Amazon Transcribe and Transcribe Call Analytics to generate machine-learning-powered insights from real-time audio. - api-change:
codeartifact: Repository CreationTime is added to the CreateRepository and ListRepositories API responses. - api-change:
guardduty: Adds AutoEnableOrganizationMembers attribute to DescribeOrganizationConfiguration and UpdateOrganizationConfiguration APIs. - api-change:
ivs-realtime: Initial release of the Amazon Interactive Video Service RealTime API. - api-change:
mediaconvert: AWS Elemental MediaConvert SDK now supports passthrough of ID3v2 tags for audio inputs to audio-only HLS outputs. - api-change:
sagemaker: Amazon SageMaker Autopilot adds two new APIs - CreateAutoMLJobV2 and DescribeAutoMLJobV2. Amazon SageMaker Notebook Instances now supports the ml.geospatial.interactive instance type. - api-change:
servicediscovery: Reverted the throttling exception RequestLimitExceeded for AWS Cloud Map APIs introduced in SDK version 1.12.424 2023-03-09 to previous exception specified in the ErrorCode. - api-change:
textract: The AnalyzeDocument - Tables feature adds support for new elements in the API: table titles, footers, section titles, summary cells/tables, and table type.
v1.27.97
=======
- api-change:
iam: Documentation updates for AWS Identity and Access Management (IAM). - api-change:
iottwinmaker: This release adds support of adding metadata when creating a new scene or updating an existing scene. - api-change:
networkmanager: This release includes an update to create-transit-gateway-route-table-attachment, showing example usage for TransitGatewayRouteTableArn. - api-change:
pipes: This release improves validation on the ARNs in the API model - api-change:
resiliencehub: This release provides customers with the ability to import resources from within an EKS cluster and assess the resiliency of EKS cluster workloads. - api-change:
ssm: This Patch Manager release supports creating, updating, and deleting Patch Baselines for AmazonLinux2023, AlmaLinux.
v1.27.96
=======
- api-change:
chime-sdk-messaging: Amazon Chime SDK messaging customers can now manage streaming configuration for messaging data for archival and analysis. - api-change:
cleanrooms: GA Release of AWS Clean Rooms, Added Tagging Functionality - api-change:
ec2: This release adds support for AWS Network Firewall, AWS PrivateLink, and Gateway Load Balancers t...
Contributors
renovate and Nuru
Assets 2
v2.0.0 Breaking changes, Apple M1 support
🚀 Enhancements
Initial support for ARM @Nuru (#837)
Breaking changes (building)
In addition to the changes listed below, this release may bring unexpected breaking changes, ironically due to support for ARM.
Geodesic now must be built with BuildKit. Failing to use BuildKit will generate errors due to ARG TARGETARCH being undefined (it is pre-defined by BuildKit and should not be added on the command line).
BuildKit is installed and used by default by Docker Desktop. For Docker on Linux, recommended options are:
- Enable BuildKit on Linux temporarily by adding to Makefile:
export DOCKER_BUILDKIT := 1- Ensure your Linux installation has BuildKit enabled by configuration by adding
{
"features": {
"buildkit" : true
}
}to /etc/docker/daemon.json (and restarting the daemon).
Previously, if you built a Docker image based on Geodesic on an ARM machine like an Apple M1, because Geodesic was only available in linux/amd64 architecture, your build would have been forced into linux/amd64 architecture and your installations, whether from apt-get or other sources, would have had to have been the same linux/amd64 architecture to work. (The build and run of the resulting Docker image would have been run under emulation.) Now, if you are building on an Apple M1 or M2, you will get the Geodesic linux/arm64 architecture (using native, not emulated code for build and execution, with potentially huge performance benefits), and the rest of your Dockerfile will need to be updated to install architecture-specific packages, some of which may not exist. You will need to decide if you want to go on without them or rather stick to linux/amd64 emulation to retain them.
Furthermore, if you built and pushed a Geodesic image in the past, you would always get a single architecture (linux/amd64) image. Now, if you are not careful, you may overwrite that with a linux/arm64 image, causing slowdowns for people using your image on Intel/AMD/X86_64 hardware. If you want to support both architectures in a shared image, you will need to use Docker buildx to generate a multi-platform image.
If you want to avoid all this, you can convert your FROM statement in your Dockerfile from
FROM cloudposse/geodesic:2.0.0-debian
to
FROM --platform=linux/amd64 cloudposse/geodesic:2.0.0-debian
For more information on multi-platform (a.k.a. multi-architecture) builds, see:
Breaking changes (using)
If you have been using Geodesic to run Terraform code on your host machine (Cloud Posses current standard operating procedure), and are caching providers locally (default Terraform behavior), and you switch to using the new architecture, your Terraform lock files will be a problem, because they will only have checksums for the linux_amd64 platform. You can delete the lock files, or update them with terraform providers lock -platform=linux_arm64. If you want to check in your lock files, then no matter which architecture your host is, be sure to have the lock files include both architectures, by running
terraform providers lock -platform=linux_arm64 -platform=linux_amd64
what
- Enhance Debian version of Geodesic to run on
arm64as well asamd64architecture - Make
cloudposse/geodesic:latestimage Debian instead of Alpine. NOTE: due to a bug, fixed in Geodesic 2.1.1, thelatesttag was only being updated in thepublic.ecr.awsrepo, not the Docker Hub repo, sodocker pull cloudposse/geodesic:latestwas stuck at pullinggeodesic:1.7.0-alpineuntil being switched togeodesic:2.1.1-debianwith the v2.1.1 release. - Remove binaries that are not available on
arm64or are just outdated:kopsawlesscfsslrakkesstfenvtfmask
- Remove
init-terraformscript meant to be used with obsoletedirenv/tfenvconfiguration - Copy
pythonfrom "official" pre-built docker images rather than compiling it ourselves - Update Python 3.10.8 -> 3.10.10
- Update Google Cloud SDK 410.0.0 -> 422.0.0 (breaking changes)
- Update Helm-git 0.14.0 -> 0.15.1
why
- Provide native code support for Apple and Gravitron hardware
notes
This is our initial support of arm64 and can be expected to have some bugs to shake out.
We are only supporting arm64 on Debian at this time. We will not support it on Alpine. Will consider supporting CentOS (or its successor) if we have sufficient demand.
Geodesic relies heavily on Cloud Posse's packages distribution, and it has not yet been updated to automatically generate arm64 packages. As a result, for most packages, only the latest version is available in arm64. We have historical versions of atmos, kubectl, and terraform published. If you need historical versions of other packages, you can request them by opening an issue in packages, but please consider either staying on amd64 or updating to the latest version of the binary instead. Please also give us a few weeks to get arm64 packages automated.
references
Contributors
Nuru
Assets 2
v1.9.1
🧰 Included Tools
Update dependency cryptography to v39.0.2 @renovate (#835)
This PR contains the following updates:
| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| cryptography (changelog) | ==39.0.1 -> ==39.0.2 |
Release Notes
Update AWS CLI packages @renovate (#836)
This PR contains the following updates:
| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| awscli (source, changelog) | ==1.27.88 -> ==1.27.92 |
||||
| boto3 | ==1.26.88 -> ==1.26.92 |
Release Notes
aws/aws-cli
v1.27.92
=======
- api-change:
migrationhubstrategy: This release adds the binary analysis that analyzes IIS application DLLs on Windows and Java applications on Linux to provide anti-pattern report without configuring access to the source code. - api-change:
s3control: Added support for S3 Object Lambda aliases. - api-change:
securitylake: Make Create/Get/ListSubscribers APIs return resource share ARN and name so they can be used to validate the RAM resource share to accept. GetDatalake can be used to track status of UpdateDatalake and DeleteDatalake requests.
v1.27.91
=======
- api-change:
application-autoscaling: Application Auto Scaling customers can now use mathematical functions to customize the metric used with Target Tracking policies within the policy configuration itself, saving the cost and effort of publishing the customizations as a separate metric. - api-change:
dataexchange: This release enables data providers to license direct access to S3 objects encrypted with Customer Managed Keys (CMK) in AWS KMS through AWS Data Exchange. Subscribers can use these keys to decrypt, then use the encrypted S3 objects shared with them, without creating or managing copies. - api-change:
directconnect: describe-direct-connect-gateway-associations includes a new status, updating, indicating that the association is currently in-process of updating. - api-change:
ec2: This release adds a new DnsOptions key (PrivateDnsOnlyForInboundResolverEndpoint) to CreateVpcEndpoint and ModifyVpcEndpoint APIs. - api-change:
iam: Documentation only updates to correct customer-reported issues - api-change:
keyspaces: Adding support for client-side timestamps
v1.27.90
=======
- bugfix:
codeartifact login: Prevent AWS CodeArtifact login command from hanging unexpectedly. - api-change:
appintegrations: Adds FileConfiguration to Amazon AppIntegrations CreateDataIntegration supporting scheduled downloading of third party files into Amazon Connect from sources such as Microsoft SharePoint. - api-change:
lakeformation: This release updates the documentation regarding Get/Update DataCellsFilter - api-change:
s3control: Added support for cross-account Multi-Region Access Points. Added support for S3 Replication for S3 on Outposts. - api-change:
tnb: This release adds tagging support to the following Network Instance APIs : Instantiate, Update, Terminate. - api-change:
wisdom: This release extends Wisdom CreateKnowledgeBase API to support SharePoint connector type by removing the @required trait for objectField
v1.27.89
=======
- api-change:
ivschat: This release adds a new exception returned when calling AWS IVS chat UpdateLoggingConfiguration. Now UpdateLoggingConfiguration can return ConflictException when invalid updates are made in sequence to Logging Configurations. - api-change:
secretsmanager: The type definitions of SecretString and SecretBinary now have a minimum length of 1 in the model to match the exception thrown when you pass in empty values.
boto/boto3
v1.26.92
=======
- api-change:
migrationhubstrategy: [botocore] This release adds the binary analysis that analyzes IIS application DLLs on Windows and Java applications on Linux to provide anti-pattern report without configuring access to the source code. - api-change:
s3control: [botocore] Added support for S3 Object Lambda aliases. - api-change:
securitylake: [botocore] Make Create/Get/ListSubscribers APIs return resource share ARN and name so they can be used to validate the RAM resource share to accept. GetDatalake can be used to track status of UpdateDatalake and DeleteDatalake requests.
v1.26.91
=======
- api-change:
application-autoscaling: [botocore] Application Auto Scaling customers can now use mathematical functions to customize the metric used with Target Tracking policies within the policy configuration itself, saving the cost and effort of publishing the customizations as a separate metric. - api-change:
dataexchange: [botocore] This release enables data providers to license direct access to S3 objects encrypted with Customer Managed Keys (CMK) in AWS KMS through AWS Data Exchange. Subscribers can use these keys to decrypt, then use the encrypted S3 objects shared with them, without creating or managing copies. - api-change:
directconnect: [botocore] describe-direct-connect-gateway-associations includes a new status, updating, indicating that the association is currently in-process of updating. - api-change:
ec2: [botocore] This release adds a new DnsOptions key (PrivateDnsOnlyForInboundResolverEndpoint) to CreateVpcEndpoint and ModifyVpcEndpoint APIs. - api-change:
iam: [botocore] Documentation only updates to correct customer-reported issues - api-change:
keyspaces: [botocore] Adding support for client-side timestamps
v1.26.90
=======
- api-change:
appintegrations: [botocore] Adds FileConfiguration to Amazon AppIntegrations CreateDataIntegration supporting scheduled downloading of third party files into Amazon Connect from sources such as Microsoft SharePoint. - api-change:
lakeformation: [botocore] This release updates the documentation regarding Get/Update DataCellsFilter - api-change:
s3control: [botocore] Added support for cross-account Multi-Region Access Points. Added support for S3 Replication for S3 on Outposts. - api-change:
tnb: [botocore] This release adds tagging support to the following Network Instance APIs : Instantiate, Update, Terminate. - api-change:
wisdom: [botocore] This release extends Wisdom CreateKnowledgeBase API to support SharePoint connector...
Contributors
renovate
Assets 2
v1.9.0 Update Alpine v3.17.1 -> v3.17.2
Contributors
renovate
Assets 2
v1.8.1 includes security patches
🧰 Included Tools
Update dependency cryptography to v39.0.1 [SECURITY] @renovate (#832)
This PR contains the following updates:
| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| cryptography (changelog) | ==39.0.0 -> ==39.0.1 |
GitHub Vulnerability Alerts
CVE-2023-23931
Previously, Cipher.update_into would accept Python objects which implement the buffer protocol, but provide only immutable buffers:
>>> outbuf = b"\x00" * 32
>>> c = ciphers.Cipher(AES(b"\x00" * 32), modes.ECB()).encryptor()
>>> c.update_into(b"\x00" * 16, outbuf)
16
>>> outbuf
b'\xdc\x95\xc0x\xa2@​\x89\x89\xadH\xa2\x14\x92\x84 \x87\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'This would allow immutable objects (such as bytes) to be mutated, thus violating fundamental rules of Python. This is a soundness bug -- it allows programmers to misuse an API, it cannot be exploited by attacker controlled data alone.
This now correctly raises an exception.
This issue has been present since update_into was originally introduced in cryptography 1.8.
CVE-2023-0286
pyca/cryptography's wheels include a statically linked copy of OpenSSL. The versions of OpenSSL included in cryptography 0.8.1-39.0.0 are vulnerable to a security issue. More details about the vulnerabilities themselves can be found in https://www.openssl.org/news/secadv/20221213.txt and https://www.openssl.org/news/secadv/20230207.txt.
If you are building cryptography source ("sdist") then you are responsible for upgrading your copy of OpenSSL. Only users installing from wheels built by the cryptography project (i.e., those distributed on PyPI) need to update their cryptography versions.
Release Notes
Update AWS CLI packages @renovate (#829)
This PR contains the following updates:
| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| awscli (source, changelog) | ==1.27.55 -> ==1.27.88 |
||||
| boto3 | ==1.26.55 -> ==1.26.88 |
Release Notes
aws/aws-cli
v1.27.88
=======
- api-change:
codeartifact: This release introduces the generic package format, a mechanism for storing arbitrary binary assets. It also adds a new API, PublishPackageVersion, to allow for publishing generic packages. - api-change:
connect: This release adds a new API, GetMetricDataV2, which returns metric data for Amazon Connect. - api-change:
evidently: Updated entity override documentation - api-change:
networkmanager: This update provides example usage for TransitGatewayRouteTableArn. - api-change:
quicksight: This release has two changes: add state persistence feature for embedded dashboard and console in GenerateEmbedUrlForRegisteredUser API; add properties for hidden collapsed row dimensions in PivotTableOptions. - api-change:
redshift-data: Added support for Redshift Serverless workgroup-arn wherever the WorkgroupName parameter is available. - api-change:
sagemaker: Amazon SageMaker Inference now allows SSM access to customer's model container by setting the "EnableSSMAccess" parameter for a ProductionVariant in CreateEndpointConfig API. - api-change:
servicediscovery: Updated all AWS Cloud Map APIs to provide consistent throttling exception (RequestLimitExceeded) - api-change:
sesv2: This release introduces a new recommendation in Virtual Deliverability Manager Advisor, which detects missing or misconfigured Brand Indicator for Message Identification (BIMI) DNS records for customer sending identities.
v1.27.87
=======
- api-change:
athena: A new field SubstatementType is added to GetQueryExecution API, so customers have an error free way to detect the query type and interpret the result. - api-change:
dynamodb: Adds deletion protection support to DynamoDB tables. Tables with deletion protection enabled cannot be deleted. Deletion protection is disabled by default, can be enabled via the CreateTable or UpdateTable APIs, and is visible in TableDescription. This setting is not replicated for Global Tables. - api-change:
ec2: Introducing Amazon EC2 C7g, M7g and R7g instances, powered by the latest generation AWS Graviton3 processors and deliver up to 25% better performance over Graviton2-based instances. - api-change:
lakeformation: This release adds two new API support "GetDataCellsFiler" and "UpdateDataCellsFilter", and also updates the corresponding documentation. - api-change:
mediapackage-vod: This release provides the date and time VOD resources were created. - api-change:
mediapackage: This release provides the date and time live resources were created. - api-change:
route53resolver: Add dual-stack and IPv6 support for Route 53 Resolver Endpoint,Add IPv6 target IP in Route 53 Resolver Forwarding Rule - api-change:
sagemaker: There needs to be a user identity to specify the SageMaker user who perform each action regarding the entity. However, these is a not a unified concept of user identity across SageMaker service that could be used today.
v1.27.86
=======
- bugfix:eks: Output JSON only for user entry in kubeconfig fixes
#​7719 <https://github.com/aws/aws-cli/issues/7719>, fixes#​7723 <https://github.com/aws/aws-cli/issues/7723>, fixes#​7724 <https://github.com/aws/aws-cli/issues/7724>__ - api-change:
dms: This release adds DMS Fleet Advisor Target Recommendation APIs and exposes functionality for DMS Fleet Advisor. It adds functionality to start Target Recommendation calculation. - api-change:
location: Documentation update for the release of 3 additional map styles for use with Open Data Maps: Open Data Standard Dark, Open Data Visualization Light & Open Data Visualization Dark.
v1.27.85
=======
- api-change:
account: AWS Account alternate contact email addresses can now have a length of 254 characters and contain the character "|". - api-change:
ivs: Updated text description in DeleteChannel, Stream, and StreamSummary.
v1.27.84
=======
- api-change:
dynamodb: Documentation updates for DynamoDB. - api-change:
ec2: This release adds support for a new boot mode for EC2 instances called 'UEFI Preferred'. - api-change:
macie2: Documentation updates for Amazon Macie - api-change:
mediaconvert: The AWS Elemental MediaConvert SDK has improved handling for different input and output color space combinations. - api-change:
medialive: AWS Elemental MediaLive adds support for Nielsen watermark ...
Contributors
renovate
Assets 2
v1.8.0 Update Alpine v3.16.3 -> v3.17.1
Update alpine Docker tag to v3.17.1 @renovate (#817)
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| alpine | final | minor | 3.16.3 -> 3.17.1 |
| alpine | stage | minor | 3.16.3 -> 3.17.1 |
🧰 Included Tools
Update dependency cryptography to v39 @renovate (#828)
This PR contains the following updates:
| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| cryptography (changelog) | ==38.0.4 -> ==39.0.0 |
Release Notes
Update AWS CLI packages @renovate (#824)
This PR contains the following updates:
| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| awscli (source, changelog) | ==1.27.27 -> ==1.27.55 |
||||
| boto3 | ==1.26.27 -> ==1.26.55 |
Release Notes
aws/aws-cli
v1.27.55
=======
- enhancement:
gamelift upload-build: Add--server-sdk-versionparameter to theupload-buildcommand - api-change:
lambda: Release Lambda RuntimeManagementConfig, enabling customers to better manage runtime updates to their Lambda functions. This release adds two new APIs, GetRuntimeManagementConfig and PutRuntimeManagementConfig, as well as support on existing Create/Get/Update function APIs. - api-change:
sagemaker: Amazon SageMaker Inference now supports P4de instance types.
v1.27.54
=======
- api-change:
ec2: C6in, M6in, M6idn, R6in and R6idn instances are powered by 3rd Generation Intel Xeon Scalable processors (code named Ice Lake) with an all-core turbo frequency of 3.5 GHz. - api-change:
ivs: API and Doc update. Update to arns field in BatchGetStreamKey. Also updates to operations and structures. - api-change:
quicksight: This release adds support for data bars in QuickSight table and increases pivot table field well limit.
v1.27.53
=======
- api-change:
appflow: Adding support for Salesforce Pardot connector in Amazon AppFlow. - api-change:
codeartifact: Documentation updates for CodeArtifact - api-change:
connect: Amazon Connect Chat introduces Persistent Chat, allowing customers to resume previous conversations with context and transcripts carried over from previous chats, eliminating the need to repeat themselves and allowing agents to provide personalized service with access to entire conversation history. - api-change:
connectparticipant: This release updates Amazon Connect Participant's GetTranscript api to provide transcripts of past chats on a persistent chat session. - api-change:
ec2: Adds SSM Parameter Resource Aliasing support to EC2 Launch Templates. Launch Templates can now store parameter aliases in place of AMI Resource IDs. CreateLaunchTemplateVersion and DescribeLaunchTemplateVersions now support a convenience flag, ResolveAlias, to return the resolved parameter value. - api-change:
glue: Release Glue Studio Hudi Data Lake Format for SDK/CLI - api-change:
groundstation: Add configurable prepass and postpass times for DataflowEndpointGroup. Add Waiter to allow customers to wait for a contact that was reserved through ReserveContact - api-change:
logs: Bug fix - Removed the regex pattern validation from CoralModel to avoid potential security issue. - api-change:
medialive: AWS Elemental MediaLive adds support for SCTE 35 preRollMilliSeconds. - api-change:
opensearch: This release adds the enhanced dry run option, that checks for validation errors that might occur when deploying configuration changes and provides a summary of these errors, if any. The feature will also indicate whether a blue/green deployment will be required to apply a change. - api-change:
panorama: Added AllowMajorVersionUpdate option to OTAJobConfig to make appliance software major version updates opt-in. - api-change:
sagemaker: HyperParameterTuningJobs now allow passing environment variables into the corresponding TrainingJobs
v1.27.52
=======
- api-change:
cloudwatch: Update cloudwatch command to latest version - api-change:
efs: Update efs command to latest version - api-change:
ivschat: Updates the range for a Chat Room's maximumMessageRatePerSecond field. - api-change:
wafv2: Improved the visibility of the guidance for updating AWS WAF resources, such as web ACLs and rule groups.
v1.27.51
=======
- api-change:
billingconductor: This release adds support for SKU Scope for pricing plans. - api-change:
cloud9: Added minimum value to AutomaticStopTimeMinutes parameter. - api-change:
imagebuilder: Add support for AWS Marketplace product IDs as input during CreateImageRecipe for the parent-image parameter. Add support for listing third-party components. - api-change:
network-firewall: Network Firewall now allows creation of dual stack endpoints, enabling inspection of IPv6 traffic.
v1.27.50
=======
- api-change:
connect: This release updates the responses of UpdateContactFlowContent, UpdateContactFlowMetadata, UpdateContactFlowName and DeleteContactFlow API with empty responses. - api-change:
ec2: Documentation updates for EC2. - api-change:
outposts: This release adds POWER_30_KVA as an option for PowerDrawKva. PowerDrawKva is part of the RackPhysicalProperties structure in the CreateSite request. - api-change:
resource-groups: AWS Resource Groups customers can now turn on Group Lifecycle Events in their AWS account. When you turn this on, Resource Groups monitors your groups for changes to group state or membership. Those changes are sent to Amazon EventBridge as events that you can respond to using rules you create.
v1.27.49
=======
- api-change:
cleanrooms: Initial release of AWS Clean Rooms - api-change:
lambda: Add support for MaximumConcurrency parameter for SQS event source. Customers can now limit the maximum concurrent invocations for their SQS Event Source Mapping. - api-change:
logs: Bug fix: logGroupName is now not a required field in GetLogEvents, FilterLogEvents, GetLogGroupFields, and DescribeLogStreams APIs as logGroupIdentifier can be provided instead - api-change:
mediaconvert: The AWS Elemental MediaConvert SDK has added support for compact DASH manifest generation, audio normalization usin...
Contributors
renovate and Benbentwo
Assets 2
v1.7.0 update Debian 11.5 -> 11.6
Update debian Docker tag to v11.6 @renovate (#826)
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| debian | final | minor | 11.5-slim -> 11.6-slim |
| debian | stage | minor | 11.5-slim -> 11.6-slim |
🧰 Included Tools
Update dependency crudini to v0.9.4 @renovate (#827)
This PR contains the following updates:
| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| crudini | ==0.9.3 -> ==0.9.4 |
Release Notes
pixelb/crudini
v0.9.4
Bug fixes
-
Fix updating of flag only parameters so they
don't have '=' or '=crudini_no_arg' added added on update. -
Handle closed stdin/stdout gracefully, without giving errors.
Improvements
-
Windows support.
-
Windows line endings are maintained.
-
Lists can be delimited with arbitrary whitespace with
--list-sep=. -
Support for unspaced "name=val" format with
--ini-options=nospace. -
Avoid deprecation warnings about use of
pipesmodule.
Contributors
renovate