v1.1.0-rc.69

v1.1.0-rc.69 (2024-06-20)

Chore

• chore(ingest): remove unused xarray, xstac, and zarr requirements (#393) (a98fe29)

• chore(ingest): remove unused zarr requirement (5b3997d)

• chore(ingest): remove unused xarray and xstac imports (a946478)

v1.1.0-rc.68

v1.1.0-rc.68 (2024-06-14)

Breaking

• feat!: configure cloudfront with origin access control (proposal) (#376)

Issue

No relevant github issue but in MCP, setting a default root object is
required which this work helps to address.

What?

• enable logging (this was added in another merged
  PR)
• configure cloudfront to use origin access control and delete the
  origin access identity that gets created
• set default root object to index.html
• use flag to enable/disable featureVEDA_CLOUDFRONT_OAC

Why?

• currently, our MCP deployments need to be manually updated in order
  for the cloudfront distribution to work properly with S3 buckets that
  block public access

Testing?

• deployed these changes to UAH dev and MCP test

Other

• I opted to not add policy configuration in this PR since there is no
  way to tell via CDK if a policy on a bucket already exists. In order for
  this to work, the S3 browser bucket must allow cloudfront to GetObject

{
    "Version": "2008-10-17",
    "Id": "PolicyForCloudFrontPrivateContent",
    "Statement": [
        {
            "Sid": "AllowCloudFrontServicePrincipal",
            "Effect": "Allow",
            "Principal": {
                "Service": "cloudfront.amazonaws.com"
            },
            "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:::BUCKET/*",
            "Condition": {
                "StringEquals": {
                    "AWS:SourceArn": "arn:aws:cloudfront::ACCOUNT:distribution/DISTRIBUTION_ID"
                }
            }
        }
    ]

Misc

In order to properly configure this for our UAH stacks, we will need to
update the buckets to block public access, not use static website
hosting, and to include the bucket policy like above. These changes are
required because our current UAH buckets do use static website hosting
and therefore don't have the above policy and allow read access. (3a20ef2)

Feature

• feat: add flag to enable cf oac (d5c8fb5)

Fix

• fix: lint (f4b89c7)

v5.2.0

v5.2.0 (2024-06-10)

Feature

• feat(release): downgrade and pin rio-tiler, fix ingestor role, allow extra fields in collection links (#390)

Added

None

Changed/Updated

• chore: Add rio-tiler version in raster API #
  385

Fixed

• fix: update stac and raster api title and description
  #379
• fix: backend monitoring changes
  #371
• fix: ingestor role to have s3 access
  #387
• fix(ingest): requester pays config in validation
  #388
• fix: allow extra fields in collection links to support extensions
  #389 (e6d8c51)

v1.1.0-rc.67

v1.1.0-rc.67 (2024-06-06)

Fix

• fix: ingestor role to have s3 access (#387) (8863d92)

• fix: allow extra fields in collection links to support extensions (#389) (151edec)

v1.1.0-rc.66

v1.1.0-rc.66 (2024-06-06)

Chore

• chore: Add rio-tiler version in raster API (#385)

Issue

Added latest version of rio-tiler (recorded as stable
here )
in raster API.

What?

• Added version 6.5.0 of rio-tiler in raster API

Why?

GHGC is preparing to deploy all VEDA dependencies through a common
repository veda-deploy.
Some of the forked repos in GHGC were ahead of VEDA and to reflect those
changes, the version of rio-tiler is being upgraded. (0ecf45b)

v1.1.0-rc.65

v1.1.0-rc.65 (2024-06-04)

Fixed

• fix(ingest): requester pays config in validation (#388)

• Add optional requester pays configuration to ingest API to validate
  accessibility of assets in buckets that require requester pays if the
  titiler been configured to use requester pays

v1.1.0-rc.64

v1.1.0-rc.64 (2024-05-31)

Fix

• fix: update stac and raster api title and description (#379) (5a559f6)

Unknown

• refactor for configurability (8eafddd)

v5.1.0

v5.1.0 (2024-05-29)

Feature

• feat(release): backend monitoring changes, enable cloudfront logging, optional cognito domain in ingestor lambda, make data access role optional in ingestor (#386)

Added

• feat: enable cloudfront logging
  #375

Changed/Updated

None

Fixed

• fix: backend monitoring changes
  #371
• fix: optional cognito domain in ingestor lambda
  #377
• fix: make data access role optional in ingestor
  #382
• fix: make data access role optional in ingest runtime
  #383 (a407319)

v1.1.0-rc.63

v1.1.0-rc.63 (2024-05-28)

Fix

• fix: make data access role optional in ingest runtime (#383) (c55e375)

v1.1.0-rc.62

v1.1.0-rc.62 (2024-05-24)

Fix

• fix: make data access role optional in ingestor (#382)

Issue

Data access role arn is optional in raster API, but ingestor makes it
required, which doesn't make sense.

What?

• Made raster_data_access_role_arn env var optional

Why?

• It's an optional env var (f83f668)