Tasks for AWS 2.17 Release Notes

28 November 2018

The Utoolity team is pleased to present Tasks for AWS 2.17 – this release adds support for using AWS CloudFormation Macros with nested stacks, adds support for tagging ECS resources and injecting sensitive data from the AWS Systems Manager Parameter Store or the AWS Secrets Manager into Amazon ECS containers, and adds support for the Python 3.7 runtime and 15 minutes execution time in AWS Lambda.

You can now forego change sets and use macros directly with the Create Stack and Update Stack actions in the AWS CloudFormation Stack task to enable usage with nested stacks, tag your ECS resources via all supported Amazon ECS tasks, inject parameters and secrets into Amazon ECS containers with the Amazon ECS Task Definition task, and use the Python 3.7 runtime and the extended 15 minutes execution time in the AWS Lambda Function task.

If you are using Bamboo remote agents, please review the Tasks for AWS 2.17 Upgrade Notes for important information on this release.

Highlights

Use AWS CloudFormation macros with nested stacks

You can now use AWS CloudFormation Macros directly in the Create Stack and Update Stack actions in the AWS CloudFormation Stack task to forego the previously required creation and execution of a change set and thereby enable macro usage with nested stacks. This is enabled by a new capability CAPABILITY_AUTO_EXPAND – refer to the documentation of the CreateStack API action for details:

Some templates contain macros. Macros perform custom processing on templates; this can include simple actions like find-and-replace operations, all the way to extensive transformations of entire templates. Because of this, users typically create a change set from the processed template, so that they can review the changes resulting from the macros before actually creating the stack. If your stack template contains one or more macros, and you choose to create a stack directly from the processed template, without first reviewing the resulting changes in a change set, you must acknowledge this capability. This includes the AWS::Include and AWS::Serverless transforms, which are macros hosted by AWS CloudFormation.

Change sets do not currently support nested stacks. If you want to create a stack from a stack template that contains macros and nested stacks, you must create the stack directly from the template using this capability.

Granular capabilities support

Previous releases only supported capabilities indirectly by means of the legacy Enable IAM flag, which resulted in both CAPABILITY_IAM and CAPABILITY_NAMED_IAM being enabled. In order to support the new CAPABILITY_AUTO_EXPAND and other capabilities going forward, the Enable IAM flag has now been replaced by a Capabilities configuration setting that allows an arbitrary selection of supported capabilities. Existing task configurations are still supported at task execution time and automatically converted to the new format when a task configuration is saved the next time.

 

Tag Amazon ECS resources

You can now tag your Amazon ECS resources via all supported Amazon ECS tasks:

Tags enable you to categorize your AWS resources in different ways, for example, by purpose, owner, or environment. This is useful when you have many resources of the same type – you can quickly identify a specific resource based on the tags you've assigned to it. For example, you could define a set of tags for your account's Amazon ECS container instances which helps you track each container instance's owner and stack level.

Tagging ECS resources requires new ECS ARN format

Support for tagging ECS resources requires you to opt-in to the new ECS ARN format – refer to Migrating your Amazon ECS deployment to the new ARN and resource ID format for details.

 

Inject SSM parameters and secrets into Amazon ECS containers

You can now use the Amazon ECS Task Definition task to inject sensitive data into your containers by storing your sensitive data in AWS Systems Manager Parameter Store parameters and then referencing them in your container definition – refer to Specifying Sensitive Data for details:

As customers build applications, they need to reference sensitive information such as database credentials, tokens, configuration variables or SSH keys. Previously, customers had to directly reference this sensitive information in the task definition or manage your own run-time secrets with custom solutions to decouple secrets from core application logic stored in container images.

Now, you have new task definition conventions for exposing sensitive information stored in AWS Systems Manager Parameter Store to container instances. [...]

Use AWS Systems Manager Parameter Store with Bamboo

You can also use the AWS Systems Manager Parameter Store directly within Bamboo build plans and deployment projects via the dedicated AWS Systems Manager Parameter task.

Integration with AWS Secrets Manager

Besides natively supporting encrypted Secure String Parameters, the AWS Systems Manager Parameter Store is also integrated with the dedicated AWS Secrets Manager – refer to Referencing AWS Secrets Manager Secrets from Parameter Store Parameters for details.

 

Use the Python 3.7 runtime and 15 minutes execution time for AWS Lambda functions

You can now use the Python 3.7 runtime and the extended 15 minutes execution time in the AWS Lambda Function task – refer to the resp. introductory posts for details:

Resolved issues

Release 2.17.2

2018-12-20

This release addresses the following issues:

  • Improvements

    • TAWS-1670 – Surface new AWS region EU (Stockholm) / eu-north-1

    • TAWS-1686 – Surface support for additional Step Functions region eu-west-3

    • TAWS-1687 – Surface support for additional Step Functions region sa-east-1

Release 2.17.1

2018-12-07

This release addresses the following issues:

  • Improvements

    • TAWS-1646 – Add support for EC2 instance hibernation

    • TAWS-1647 – Add support for Lambda Ruby 2.5 runtime

    • TAWS-1648 – Add support for Lambda custom runtimes

    • TAWS-1651 – Add support for S3 object lock parameters within upload/copy actions

    • TAWS-1653 – Adjust Lambda runtime display names to match AWS approach

    • TAWS-1654 – Add support for Lambda layers

Release 2.17.0

2018-11-28

This release addresses the following issues:

  • Stories

    • TAWS-1624 – As a user, I want support for CAPABILITY_AUTO_EXPAND so that I can use CloudFormation macros with nested stacks

  • Improvements

    • TAWS-1029 (UAA-201) – Add support for multiple CloudFormation capabilities

    • TAWS-1597 – Add support for Docker sysctl, interactive, and tty flags in ECS containers

    • TAWS-1611 – Update available Elastic Beanstalk solution stacks (as per 2018-09-25)

    • TAWS-1613 – Add support for 15 minutes Lambda execution time

    • TAWS-1615 – Update available Elastic Beanstalk solution stacks (as per 2018-10-31)

    • TAWS-1618 – Add support for new ECS ARN format

    • TAWS-1619 – Add support for ECS resource tagging

    • TAWS-1620 – Add support for Docker ipcMode and pidMode flags in ECS containers

    • TAWS-1621 – Add support for doubled Lambda asynchronous invocation payload size of 256KB

    • TAWS-1622 – Update available Elastic Beanstalk solution stacks (as per 2018-11-16)

    • TAWS-1623 – Add support for SSM parameters and secrets injection in ECS containers

    • TAWS-1626 – Surface new AWS region GovCloud (US-East) / us-gov-east-1

    • TAWS-1627 – Add support for Lambda Python 3.7 runtime

  • Bugs

    • TAWS-1595 – Fix SSM secure string parameters not being masked in Bamboo logs

    • TAWS-1612 – Fix NullPointerException when task resources have "password" in the name

  • Tasks

    • TAWS-1640 – Drop support for Bamboo 5.14

Atlassian®, Atlassian Bamboo®, Bitbucket®, Atlassian Crowd®, Confluence®, Jira®, Jira Service Management™, Opsgenie®, and Statuspage™ are registered trademarks of Atlassian.
Amazon Web Services™, AWS™ and the “Powered by Amazon Web Services” logo are trademarks of Amazon.com, Inc. or its affiliates in the United States and/or other countries.

Utoolity® is a registered trademark of Utoolity GmbH.
© 2024 Utoolity GmbH. All rights reserved.