v3.2.4

What's Changed

• feat: add permission boundary as optional input to all modules by @xuezhma in #415
• chore: Release 3.2.3 by @xuezhma in #416
• fix: remove redundant hardcoded stack names in model_deploy seed code by @weklund in #421
• fix: add S3 permissions directly to ManagedPolicy to fix IAM race condition by @weklund in #420
• feat: add optional S3 access logging for Control Tower compliance by @weklund in #419
• chore: Release 3.2.4 by @weklund in #422

Full Changelog: v3.2.2...v3.2.4

v3.2.3

Release v3.2.3

Added

• added permission boundary as optional input to all modules

Commits

• 8da047d - feat: add permission boundary as optional input to all modules (#415 )

v3.2.2

Release v3.2.2

This patch release includes security updates, dependency upgrades, and improvements to the sagemaker-templates module.

Added

• Added slack notification on failure in the snyk workflow
• Added UPDATE handler support for sagemaker-templates GitHub repository custom resource:
  • CodeConnectionArn changes: updates CodeBuild source credentials
  • S3BucketObjectKey changes (seed code updates): creates branch and pull request with new code
  • repository_owner changes: creates new repository under new owner with seed code, keeps old repository intact
• Added codebuild:DeleteSourceCredentials permission to sagemaker-templates GitHub repository Lambda role

Changed

• Update transformers to 4.53.0 to address security vulnerabilities
• Update sagemaker to 2.256.0
• Add explicit permissions to workflow for security best practices

Commits Since v3.2.1

• 0fc46cb - chore(deps): bump sagemaker (#412)
• 770bd7d - feat: add slack notification for snyk failure (#411)
• 895fea2 - fix: handle update event for the github customer resource handler (#409)
• c31182e - fix: upgrade transformers to 4.53.0 to address security vulnerabilities (#408)
• 11619ef - fix: add explicit permissions to workflow (#407)

v3.2.1

What's Changed

Changed

• fixed duplicate principal error in sagemaker-templates KMS key and S3 bucket policies when dev, pre-prod, and prod account IDs resolve to the same AWS account

Full Changelog: v3.2.0...v3.2.1

v3.2.0

What's Changed

Changed

• sagemaker-model-monitoring now triggers a one-time baseline generation upon deployment
• update seedfarmer version to 8.0.0
• fixed duplicate principal error in sagemaker-templates module when dev, pre-prod, and prod account IDs resolve to the same AWS account
• fixed sagemaker-templates Model Deploy seed code incorrectly granting S3 permissions to a ManagedPolicy instead of a Role, which caused deployment failures with CDK 2.174.0+
• update qs to 6.14.1 via npm override to address security vulnerability
• pin @cdklabs/generative-ai-cdk-constructs to 0.1.311 to fix build compatibility
• update starlette to 0.50.0 and fastapi to 0.128.0 to address security vulnerabilities
• updated sagemaker-templates to try archiving when repo deletion fails

Full Changelog: v3.1.0...v3.2.0

v3.1.0

What's Changed

Added

• added enable-data-capture parameter to sagemaker-templates Model Deploy template to enable endpoint data capture (default: true)

PRs

• feat: add enable-data-capture parameter to sagemaker-templates by @xuezhma in #390
• chore: Release 3.1.0 by @xuezhma in #391

Full Changelog: v3.0.0...v3.1.0

v3.0.0

What's Changed

• Python upgrade to 3.11; urllib3, boto3, CodeBuild image, and qs version bump by @weklund in #382
• chore: Release 3.0.0 by @weklund in #386

Full Changelog: v2.1.1...v3.0.0

v2.1.2

What's Changed

• feat: Implement manual approval and eventbridge by @weklund in #381

Full Changelog: v2.1.1...v2.1.2

v2.1.1

v2.1.1

Bugfixes 🐛

• fix: GitHub repository creation for organizations by @weklund in #374

Description

Fixed an issue where the SageMaker Templates module was creating GitHub repositories in the authenticated user's personal account instead of the specified GitHub organization. The Lambda function now correctly uses the organization API endpoint (/orgs/{owner}/repos) when
the github_owner parameter is an organization, with automatic fallback to the user endpoint for personal accounts.

Full Changelog: v2.1.0...v2.1.1

v2.1.0

Features / Enhancements 🚀

• feat: add sagemaker hyperpod eks terraform module by @kukushking in #360
• feat: model monitoring updates by @kukushking in #362
• feat: model monitoring baseline generation by @kukushking in #363

Bugfixes 🐛

• fix: deprecated lambda runtime by @kukushking in #366
• fix: baselining error handling by @kukushking in #370

Housekeeping 🧹

• chore: fix readme formatting by @kukushking in #369
• chore: Release 2.1.0 by @kukushking in #371

Security / Dependency Updates 🛡️

• chore(deps): bump js-yaml in /modules/fmops/sagemaker-jumpstart-fm-endpoint by @dependabot[bot] in #365
• chore(deps): bump js-yaml in /modules/fmops/sagemaker-hugging-face-endpoint by @dependabot[bot] in #364
• chore(deps): bump js-yaml in /modules/sagemaker/sagemaker-model-cicd by @dependabot[bot] in #368
• chore(deps): bump sagemaker from 2.232.2 to 2.237.3 in /modules/sagemaker/sagemaker-model-monitoring/sagemaker_model_monitoring/lambda by @dependabot[bot] in #367

Full Changelog*: v2.0.0...v2.1.0