Skip to content

Merge develop into main: HITL metadata guard fix + AWS Backup plan coverage for Amplify DynamoDB#130

Open
dereknorrbom wants to merge 8 commits intomainfrom
develop
Open

Merge develop into main: HITL metadata guard fix + AWS Backup plan coverage for Amplify DynamoDB#130
dereknorrbom wants to merge 8 commits intomainfrom
develop

Conversation

@dereknorrbom
Copy link
Contributor

@dereknorrbom dereknorrbom commented Mar 18, 2026
edited
Loading

Summary

This PR merges develop into main and includes two functional infrastructure/application updates:

  1. Dashboard HITL metadata guard fix (procedure-hitl)
  2. AWS Backup plan coverage for Amplify Gen2 DynamoDB tables

Included Changes

1) Dashboard HITL fix

  • dashboard/lib/procedure-hitl.ts
    • Tightened parseMessageMetadata object guards to avoid null-impossible comparisons while preserving behavior.

2) AWS Backup governance for Amplify tables

  • dashboard/amplify/backend.ts
    • Added DynamoDbBackupStack
    • Added AWS Backup vault and plan for environment-scoped naming
    • Added daily backup rule (05:00 UTC) with 35-day retention
    • Added backup selection over all Amplify Data DynamoDB tables via BackupResource.fromDynamoDbTable(...)
    • Kept PITR enablement in place (PITR + Backup Plan are complementary controls)

Why

  • Resolves remaining dashboard Code Quality warning from the HITL metadata guard path.
  • Remediates Prowler backup-governance findings that require DynamoDB tables to be assigned to an AWS Backup plan (separate from PITR).

Validation

  • npx jest lib/__tests__/procedure-hitl.test.ts --runInBand (dashboard)
    • Result: passed
  • npx tsc -p amplify/tsconfig.json --noEmit --pretty false (dashboard)
    • Result: passed
  • Staging verification completed for AWS Backup:
    • Backup plan and table selection present
    • Manual on-demand backup job executed successfully

Notes

  • This PR also includes project-management synchronization artifacts under project/events and project/issues generated as part of the required Kanbus workflow.

@dereknorrbom dereknorrbom requested a review from a team as a code owner March 18, 2026 17:12
@dereknorrbom dereknorrbom requested review from endymion and removed request for a team March 18, 2026 17:12
@dereknorrbom
Merge branch 'main' into develop
d325169
@dereknorrbom
chore: add new issue and comments for resolving Code Quality findings…
b2b4d6f 
… related to PR #121

- Created issue for addressing unresolved GitHub Code Quality review comments.
- Added comments detailing the implementation of fixes and follow-up actions.
- Introduced new tasks for additional Code Quality warnings in related files.
@dereknorrbom
feat(amplify): add AWS Backup plan for Gen2 DynamoDB tables
4494413
@dereknorrbom
chore(pm): create issue and log events for AWS Backup plan implementa…
887d8ff 
…tion for Amplify Gen2 DynamoDB tables
@dereknorrbom dereknorrbom changed the title Merge develop into main: include remaining HITL metadata guard fix Merge develop into main: HITL metadata guard fix + AWS Backup plan coverage for Amplify DynamoDB Mar 18, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@endymion endymion endymion approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@dereknorrbom @endymion