From 59a95776de3f32132f9fe9a5607b5ec2391240fe Mon Sep 17 00:00:00 2001 From: Doug Toppin Date: Tue, 11 Jun 2024 08:58:59 -0400 Subject: [PATCH] Update to version v2.2.2 --- .github/ISSUE_TEMPLATE/bug_report.md | 2 +- CHANGELOG.md | 11 +++++ .../lib/mlops_orchestrator_stack.py | 47 ++++++++++--------- source/lambdas/custom_resource/index.py | 2 +- .../solution_helper/requirements-test.txt | 2 +- .../lambdas/solution_helper/requirements.txt | 2 +- 6 files changed, 40 insertions(+), 26 deletions(-) diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md index 5076a14..26cee51 100755 --- a/.github/ISSUE_TEMPLATE/bug_report.md +++ b/.github/ISSUE_TEMPLATE/bug_report.md @@ -31,4 +31,4 @@ To get the version of the solution, you can look at the description of the creat If applicable, add screenshots to help explain your problem (please **DO NOT include sensitive information**). **Additional context** -Add any other context about the problem here. +Add any other context about the problem here. \ No newline at end of file diff --git a/CHANGELOG.md b/CHANGELOG.md index d7e1716..996855e 100755 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,17 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). +## [2.2.2] - 2024-06-10 + +### Fixed + +- Upgrade issue with Lambda Custom Resource Sagemaker layer copy to new blueprints bucket + +### Updated + +- requests updated to 2.32.3 + + ## [2.2.1] - 2024-05-27 ### Updated diff --git a/source/infrastructure/lib/mlops_orchestrator_stack.py b/source/infrastructure/lib/mlops_orchestrator_stack.py index 1650dc1..25d80ec 100644 --- a/source/infrastructure/lib/mlops_orchestrator_stack.py +++ b/source/infrastructure/lib/mlops_orchestrator_stack.py @@ -144,7 +144,7 @@ def __init__( # This is a logging bucket. access_logs_bucket.node.default_child.cfn_options.metadata = { "cfn_nag": suppress_s3_access_policy(), - "guard": suppress_cfnguard_rules(['S3_BUCKET_NO_PUBLIC_RW_ACL']), + "guard": suppress_cfnguard_rules(["S3_BUCKET_NO_PUBLIC_RW_ACL"]), } # Import user provide S3 bucket, if any. s3.Bucket.from_bucket_arn is used instead of @@ -182,8 +182,8 @@ def __init__( # add cfn-guard suppressions assets_bucket.node.default_child.cfn_options.metadata = { - "guard": suppress_cfnguard_rules(['S3_BUCKET_NO_PUBLIC_RW_ACL']), - } + "guard": suppress_cfnguard_rules(["S3_BUCKET_NO_PUBLIC_RW_ACL"]), + } # Create the resource if create_new_bucket condition is True Aspects.of(assets_bucket).add(ConditionalResources(create_new_bucket)) @@ -209,8 +209,8 @@ def __init__( # add cfn-guard suppressions blueprint_repository_bucket.node.default_child.cfn_options.metadata = { - "guard": suppress_cfnguard_rules(['S3_BUCKET_NO_PUBLIC_RW_ACL']), - } + "guard": suppress_cfnguard_rules(["S3_BUCKET_NO_PUBLIC_RW_ACL"]), + } # add override for access logs bucket access_logs_bucket.add_to_resource_policy( @@ -260,9 +260,9 @@ def __init__( "MLOpsNotificationsTopic", ) ) - mlops_notifications_topic.node.default_child.cfn_options.metadata = ( - { "cfn_nag": suppress_sns() } - ) + mlops_notifications_topic.node.default_child.cfn_options.metadata = { + "cfn_nag": suppress_sns() + } mlops_notifications_topic.add_subscription( subscriptions.EmailSubscription( @@ -316,6 +316,9 @@ def __init__( self, "CustomResourceCopyAssets", service_token=custom_resource_lambda_fn.function_arn, + properties={ + "blueprint_bucket": blueprint_repository_bucket.bucket_name, + }, ) custom_resource.node.add_dependency(blueprint_repository_bucket) # IAM policies setup ### @@ -354,7 +357,7 @@ def __init__( "code": lambda_.Code.from_asset("../lambdas/pipeline_orchestration"), "layers": [sm_layer], "timeout": Duration.minutes(10), - "memory_size": 512 + "memory_size": 512, }, api_gateway_props={ "defaultMethodOptions": { @@ -367,19 +370,19 @@ def __init__( ) # add lambda suppressions - provisioner_apigw_lambda.lambda_function.node.default_child.cfn_options.metadata = ( - { "cfn_nag": suppress_lambda_policies() } - ) + provisioner_apigw_lambda.lambda_function.node.default_child.cfn_options.metadata = { + "cfn_nag": suppress_lambda_policies() + } # add API Gateway suppressions - provisioner_apigw_lambda.api_gateway.deployment_stage.node.default_child.cfn_options.metadata = ( - { "guard": suppress_cfnguard_rules(["API_GW_CACHE_ENABLED_AND_ENCRYPTED"]) } - ) + provisioner_apigw_lambda.api_gateway.deployment_stage.node.default_child.cfn_options.metadata = { + "guard": suppress_cfnguard_rules(["API_GW_CACHE_ENABLED_AND_ENCRYPTED"]) + } # add CW role suppression - provisioner_apigw_lambda.api_gateway_cloud_watch_role.node.default_child.cfn_options.metadata = ( - { "guard": suppress_cfnguard_rules(["IAM_NO_INLINE_POLICY_CHECK"]) } - ) + provisioner_apigw_lambda.api_gateway_cloud_watch_role.node.default_child.cfn_options.metadata = { + "guard": suppress_cfnguard_rules(["IAM_NO_INLINE_POLICY_CHECK"]) + } provision_resource = provisioner_apigw_lambda.api_gateway.root.add_resource( "provisionpipeline" @@ -400,9 +403,9 @@ def __init__( ) # add role suppressions - provisioner_apigw_lambda.lambda_function.role.node.default_child.cfn_options.metadata = ( - { "guard": suppress_cfnguard_rules(['IAM_NO_INLINE_POLICY_CHECK']) } - ) + provisioner_apigw_lambda.lambda_function.role.node.default_child.cfn_options.metadata = { + "guard": suppress_cfnguard_rules(["IAM_NO_INLINE_POLICY_CHECK"]) + } # Environment variables setup provisioner_apigw_lambda.lambda_function.add_environment( @@ -555,7 +558,7 @@ def __init__( }, ] }, - "guard": suppress_cfnguard_rules(['S3_BUCKET_NO_PUBLIC_RW_ACL']) + "guard": suppress_cfnguard_rules(["S3_BUCKET_NO_PUBLIC_RW_ACL"]), } # custom resource for operational metrics### diff --git a/source/lambdas/custom_resource/index.py b/source/lambdas/custom_resource/index.py index 3c30042..270a1eb 100644 --- a/source/lambdas/custom_resource/index.py +++ b/source/lambdas/custom_resource/index.py @@ -69,6 +69,7 @@ def on_event(event, context): @helper.create +@helper.update def custom_resource(event, _): try: @@ -81,7 +82,6 @@ def custom_resource(event, _): raise e -@helper.update @helper.delete def no_op(_, __): pass # No action is required when stack is deleted diff --git a/source/lambdas/solution_helper/requirements-test.txt b/source/lambdas/solution_helper/requirements-test.txt index c45abe4..2a03210 100644 --- a/source/lambdas/solution_helper/requirements-test.txt +++ b/source/lambdas/solution_helper/requirements-test.txt @@ -1,3 +1,3 @@ crhelper==2.0.6 urllib3==1.26.18 -requests==2.32.0 \ No newline at end of file +requests==2.32.3 \ No newline at end of file diff --git a/source/lambdas/solution_helper/requirements.txt b/source/lambdas/solution_helper/requirements.txt index c45abe4..2a03210 100644 --- a/source/lambdas/solution_helper/requirements.txt +++ b/source/lambdas/solution_helper/requirements.txt @@ -1,3 +1,3 @@ crhelper==2.0.6 urllib3==1.26.18 -requests==2.32.0 \ No newline at end of file +requests==2.32.3 \ No newline at end of file