Merge branch 'aws-samples:main' into ebs_sts_regional_endpoint

Author: boueya

aws_sra_examples/solutions/config/config_management_account/templates/sra-config-management-account-role.yaml

@@ -44,31 +44,8 @@ Parameters:
     Type: String
 
 Resources:
-  rConfigRecorderRole:
-    Metadata:
-      cfn_nag:
-        rules_to_suppress:
-          - id: W28
-            reason: Explicit name provided
-    Type: AWS::IAM::Role
+  rConfigServiceLinkedRole:
+    Type: AWS::IAM::ServiceLinkedRole
     Properties:
-      RoleName: !Sub ${pManagedResourcePrefix}-ConfigRecorderRole
-      Description: Role for AWS Config Recorder
-      AssumeRolePolicyDocument:
-        Version: 2012-10-17
-        Statement:
-          - Effect: Allow
-            Action: sts:AssumeRole
-            Principal:
-              Service:
-                - config.amazonaws.com
-      ManagedPolicyArns:
-        - !Sub arn:${AWS::Partition}:iam::aws:policy/service-role/AWS_ConfigRole
-      Tags:
-        - Key: !Ref pSRASolutionTagKey
-          Value: !Ref pSRASolutionName
-
-Outputs:
-  oConfigRecorderRoleArn:
-    Description: Config Recorder Role ARN
-    Value: !GetAtt rConfigRecorderRole.Arn
+      AWSServiceName: config.amazonaws.com
+      Description: A service-linked role for the ConfigRecorder.

aws_sra_examples/solutions/config/config_management_account/templates/sra-config-management-account.yaml

@@ -165,7 +165,7 @@ Resources:
     Type: AWS::Config::ConfigurationRecorder
     Properties:
       Name: !Sub ${pManagedResourcePrefix}-BaselineConfigRecorder
-      RoleARN: !Sub arn:${AWS::Partition}:iam::${AWS::AccountId}:role/${pManagedResourcePrefix}-ConfigRecorderRole
+      RoleARN: !Sub arn:${AWS::Partition}:iam::${AWS::AccountId}:role/aws-service-role/config.amazonaws.com/AWSServiceRoleForConfig
       RecordingGroup:
         AllSupported: !Ref pAllSupported
         IncludeGlobalResourceTypes: !If

aws_sra_examples/utils/packaging_scripts/stage_solution.sh

@@ -404,21 +404,31 @@ if [ "$solution_directory" != "none" ]; then
     solution_name="sra-"$(tr '_' '-' <<<"$solution_name_snake_case")
     solution_lambda_s3_prefix="$solution_name/lambda_code"
     solution_templates_s3_prefix="$solution_name/templates"
+    # added for layer code
+    solution_layer_s3_prefix="$solution_name/layer_code"
 
     package_and_stage_common_solutions
     create_solution_staging_folder "$solution_templates_s3_prefix" "$solution_lambda_s3_prefix"
+    # added for layer code
+    create_solution_staging_layer_folder "$solution_layer_s3_prefix"
 
     staging_templates_folder="$STAGING_FOLDER/$solution_templates_s3_prefix" || exit 1
     staging_lambda_folder="$STAGING_FOLDER/$solution_lambda_s3_prefix" || exit 1
+    # added for layer code
+    staging_layer_folder="$STAGING_FOLDER/$solution_layer_s3_prefix" || exit 1
     echo "------------------------------------------------------------"
     echo "-- Solution: $solution_name"
     echo "------------------------------------------------------------"
     stage_cloudformation_templates "$solution_directory" "$staging_templates_folder"
     package_and_stage_lambda_code "$solution_directory" "$staging_lambda_folder" "$solution_name"
+    # added for layer code
+    package_and_stage_layer_code "$solution_directory" "$staging_layer_folder" "$solution_name"
 
     if [ -n "$BUCKET_ACL" ]; then
         upload_cloudformation_templates "$staging_templates_folder" "$solution_templates_s3_prefix"
         upload_lambda_code "$staging_lambda_folder" "$solution_lambda_s3_prefix"
+        # added for layer code
+        upload_layer_code "$staging_layer_folder" "$solution_layer_s3_prefix"
 
         cd "$staging_lambda_folder" || exit 1
         update_lambda_functions "$solution_lambda_s3_prefix"

pyproject.toml

@@ -19,7 +19,7 @@ pytest-xdist = "^3.1.0"
 black = "^22.12.0"
 isort = "^5.11.4"
 rope = "^1.7.0"
-mypy = "^0.991"
+mypy = "^1.13.0"
 flake8 = "5.0.4"                                        # Leaving at 5.0.4 until full dependency support (e.g. flake8-eradicate, flake8-broken-line, dlint)
 darglint = "^1.8.1"
 dlint = "^0.13.0"