Releases: guardian/cdk
v62.0.0
Major Changes
-
12be0e5: Access logging for Application Load Balancers (ALBs) is now enabled by default.
Application Load Balancer (ALB) access logs describe, in detail, each request processed by a load balancer, including request paths and status codes.
They are helpful during incident response and are now enabled by default.Previously users of the
GuEc2App,GuNodeApp,GuPlayApp,GuPlayWorkerAppandGuEc2AppExperimentalpatterns could opt-in to this logging via theaccessLoggingproperty and configure the S3 prefix.This property is now removed and replaced with a new optional boolean property
withAccessLoggingwhich defaults totrue.- When
truethe ALB will have access logs enabled, configured to write to the account's S3 bucket using a specific prefix for compatibility with thegucdk_access_logsdatabase created in Athena via https://github.com/guardian/aws-account-setup. - When
falsetheaccess_logs.s3.enabledattribute is now explicitly set tofalse.
A
withAccessLoggingproperty is also added to theGuApplicationLoadBalancerconstruct, with the same behaviour.NOTE: This feature requires a region to be set at the
GuStacklevel, else the following error will be thrown:ValidationError: Region is required to enable ELBv2 access logging
Here's an example of how to set the region:
class MyStack extends GuStack { constructor(scope: App, id: string, props: GuStackProps) { super(scope, id, props); } } const stackInstance = new MyStack(app, "MyStack", { env: { region: "eu-west-1", }, });
There are three cost areas to this feature:
-
Writing to S3.
AWS absorbs these costs.
-
S3 data storage.
This cost will vary depending on the volume of traffic received; more traffic, more logs. To somewhat mitigate this, the target S3 bucket has already been configured to retain logs for 14 days.
-
Reading from S3 using Athena.
This cost will vary depending on the volume of logs queried.
- When
v61.11.1
v61.11.0
Minor Changes
-
44adc37: feat(experimental-ec2-pattern): Echo RiffRaffDeploymentId in user-data
This change adds a new CloudFormation parameter,
RiffRaffDeploymentId, to be set by Riff-Raff during deployment (see guardian/riff-raff#1469).
This parameter is echoed out in the user-data. This means a redeployment of the same build creates a CloudFormation changeset with a new launch template.
Consequently, the running EC2 instances are cycled. This means scheduled deployments are possible.
Patch Changes
v61.10.1
v61.10.0
v61.9.0
Minor Changes
-
339c2e9: Improves the safety of the new deployment mechanism for services which scale horizontally.
As part of this the
defaultandmaxValueproperties of theMinInstancesInServiceFor<app>parameter (which is used by Riff-Raff) have been removed.
Patch Changes
- 888d5e2: Update aws-cdk to 2.1018.0, aws-cdk-lib to 2.200.1, constructs to 10.4.2
v61.8.2
v61.8.1
v61.8.0
Minor Changes
-
0cc9129: Addition of slow start mode support for
GuEc2AppExperimental.We recommend enabling this setting if you run a high-traffic service, particularly if it is JVM-based.
v61.7.0
Minor Changes
-
d1ee03a: feat(GuEc2App): Replace
enabledDetailedInstanceMonitoringoptional property with mandatoryinstanceMetricGranularitypropertySpecifying how an ASG service should be monitored is now explicitly required.
When detailed monitoring is enabled, EC2 metrics are produced at a higher granularity of one minute (default is five minutes).
This should allow for earlier horizontal scaling and provide more detail during incident triage.This change will cost roughly $3 per instance per month.
We'd recommend using detailed monitoring for production environments.See also: