Releases: CircleCI-Public/aws-cli-orb
v4.1.0 - Add Region Flag to Assume Role Command, Bug fixes and Refactoring
What's Changed
- fix: add touch to initialize $bash_env by @brivu in #138
- fix: role session name by @brivu in #140
- fix: nounset shell by @brivu in #141
- fix: set default region by @brivu in #142
- fix:terraform image install by @brivu in #144
- chore: update MacOS executor to use Gen2 by @JoeMitchellJones in #145
- feat: features and bug fixes from pull requests by @brivu in #154
New Contributors
- @JoeMitchellJones made their first contribution in #145
Full Changelog: v4.0.0...v4.1.0
v4.0.0 - Major Orb Tools Update
Description
This major release updates the AWS CLI
Orb to the new major version of Orb Tools. As it contains breaking changes, several modifications were unnecessary to move from v11 to v12.
Changes
- All parameters and commands containing dashes have been converted to the new snake case standard (replace
-
with_
). - The comprehensive list of changes can be found below.
Changes in .circleci/config.yml
:
- Update the orb-tools version from 11.6 to 12.0.
- Move the job requirement list from
orb-tools/publish
toorb-tools/continue
. - Remove the
orb-tools/publish
job since development versions are no longer necessary. - Add the new
orb_name
parameter inorb-tools/continue
. - Rename the
orb-tools/continue
job parameters to comply with the new snake case standard.orb_name
,pipeline_number
andvcs_type
.
Changes in .circleci/test-deploy.yml
:
- Update the orb-tools version from
11.6
to12.0
. - Remove the
aws-cli: circleci/aws-cli@dev:<<pipeline.git.revision>>
line, and replace it withaws-cli: {}
. - Remove the
orb-tools/lint
,orb-tools/pack
, andorb-tools/review
jobs.⚠️ - Rename the
orb-tools/publish
job parameters to comply with the new snake case standard.orb_name
,vcs_type
,pub_type
,enable_pr_comment
andgithub_token
.
- Change the
orb-tools/pack
filter to trigger only on tagged releases.
Changes in src/commands/setup.yml
- Change the
aws-region
parameter toregion
. The new type is astring
with a default value of${AWS_DEFAULT_REGION}
Changes in src/examples/configure_role_arn.yml
:
- Replace
aws-cli/configure-role-arn
withaws-cli/configure_role_arn
to comply with the new snake case standard.
Changes in src/examples/install_aws_cli_with_web_identity.yml
:
- Replace
aws-cli/install_aws_cli_with_web_identity
withaws-cli/install_aws_cli_with_web_identity
to comply with the new snake case standard.
Changes in src/examples/install_aws_cli
:
- Replace
aws-cli/install_aws_cli_with_web_identity
withaws-cli/install_aws_cli_with_web_identity
to comply with the new snake case standard.
test-deploy.yml
as they already run in config.yml
. See Orb-Template #2.
v3.1.5 - Update CircleCI OIDC Token to Version 2
What's Changed
- patch: update to oidc token v2 by @jenny-miggin in #130
New Contributors
- @jenny-miggin made their first contribution in #130
Full Changelog: v3.1.4...v3.1.5
v3.1.4 - Patch fix for Alpine Linux Installation
What's Changed
Full Changelog: v3.1.3...v3.1.4
v3.1.3 - Minor bug fixes for Alpine support
What's Changed
Full Changelog: v3.1.2...v3.1.3
v3.1.2 - Minor bug fixes
What's Changed
- fix: made script posix compliant by @brivu in #115
- [semver:skip] Fixing typo in parameter description by @yaningo in #112
- fix: added error messages for missing parameters by @brivu in #116
- fix: addressed shellcheck errors by @brivu in #117
New Contributors
Full Changelog: v3.1.1...v3.1.2
v3.1.1
v3.1.0 - AWS Web Identity Support using CIRCLE_OIDC token
What's Changed
- feat: v3.1.0 by @brivu in https://github.com/CircleCI-Public/aws-cli-orb/pull103
This minor version update includes the following changes:
Added Commands
assume-role-with-web-identity
- This command generates short lived AWS keys using OpenID Connect. You use an IAM OIDC identity provider to establish trust between CircleCI and your AWS account when running jobs. Creating a Web Identity based role-arn
that's compatible with OpenID Connect in AWS IAM is required.
Added Features
setup
command now includes assume-role-with-web-identity
command. The setup command installs the aws cli
and runs the assume-role-with-web-identity
command if the role-session-id
and role-arn
parameters are passed. If not, a profile is configured with the AWS_SECRET_KEY_ID
and AWS_SECRET_ACCESS_KEY
that are passed as environment variables.
Added Parameters
assume-role-with-web-identity
command has the following parameters
role-arn
: The Amazon Resource Name (ARN) of the role that the caller is assuming. Role ARN must be configured for web identity in this command.role-session-name
: An identifier for the assumed role session. It must be less than 64 characterssession-duration
: The duration of the session in seconds. It defaults to 3600 seconds (1 hour).profile-name
: The profile name to be configured with Web Identity
Usage Example
description: |
Setup the AWS CLI and configure with Web Identity.
Assume roles on AWS without storing keys on CircleCI and utilize short-term credentials instead.
For more information, see the CircleCI OIDC docs: https://circleci.com/docs/2.0/openid-connect-tokens
usage:
version: 2.1
orbs:
aws-cli: circleci/aws-cli@3.1
jobs:
aws-cli-example:
executor: aws-cli/default
steps:
- checkout
- aws-cli/setup:
profile-name: WEB IDENTITY PROFILE
role-arn: arn:aws:iam::123456789012:role/WEB-IDENTITY-ROLE
role-session-name: example-session
- run: echo "Run your code here"
workflows:
aws-cli:
jobs:
- aws-cli-example:
context: aws
Full Changelog: v3.0.0...v3.1.0
v3.0.0 - Windows and Alpine Linux Support
What's Changed
This version update includes the following breaking changes:
role-arn
parameter has been removed from the setup command and is now exclusively in therole-arn-setup
command.
New parameters:
install
command now lets users specify the install and binary directories for the aws cli
install-dir
: Specify the installation dirertory of AWS CLI. Defaults to/usr/local/aws-cli
binary-dir
: The main aws program in the install directory is symbolically linked to the fileaws
in this specified path. Defaults to/usr/local/bin
Added features:
install
command can now be installed on Alpine
Linux and Windows bash.exe
Windows
usesChoclatey
to addAWS
and must be installed prior.- When installing
AWS
onWindows
,bash.exe
must be specified when defining the executor using theshell
parameter like so:
windows:
machine:
image: windows-server-2019-vs2019:stable
shell: bash.exe
resource_class: windows.medium
Issues closed:
PR's closed:
Full Changelog: v1.4.1...v3.0.0