From 85f606ad13e4e51b9f66330379a55ef76310a8ca Mon Sep 17 00:00:00 2001
From: Rico Huijbers <rix0rrr@gmail.com>
Date: Thu, 9 Apr 2020 11:14:53 +0200
Subject: [PATCH 1/4] fix: new IAM Condition type is unusable in Java (#7270)

The changing of the type of `Condition` from `any` to `Record<string,
any>` broke common code in Java.

Many users would be passing a `Map<String, String>` in that location,
which WOULD be assignable to the old type `Object`, but not to the
new type `Map<String, Object>`.

Revert for now and turn this into a feature request to jsii team.
---
 allowed-breaking-changes.txt                      |  3 +++
 packages/@aws-cdk/aws-iam/lib/policy-statement.ts | 14 +++++++++++++-
 2 files changed, 16 insertions(+), 1 deletion(-)

diff --git a/allowed-breaking-changes.txt b/allowed-breaking-changes.txt
index 1f78ca52d6422..790b59b6edc5f 100644
--- a/allowed-breaking-changes.txt
+++ b/allowed-breaking-changes.txt
@@ -46,3 +46,6 @@ incompatible-argument:@aws-cdk/aws-iam.PolicyStatement.addCondition
 incompatible-argument:@aws-cdk/aws-iam.PolicyStatement.addConditions
 incompatible-argument:@aws-cdk/aws-iam.PolicyStatement.addFederatedPrincipal
 incompatible-argument:@aws-cdk/aws-iam.PrincipalPolicyFragment.<initializer>
+changed-type:@aws-cdk/aws-iam.FederatedPrincipal.conditions
+changed-type:@aws-cdk/aws-iam.PrincipalPolicyFragment.conditions
+changed-type:@aws-cdk/aws-iam.PrincipalWithConditions.conditions
diff --git a/packages/@aws-cdk/aws-iam/lib/policy-statement.ts b/packages/@aws-cdk/aws-iam/lib/policy-statement.ts
index 5bba3ff6b824c..3a3c10d2488a5 100644
--- a/packages/@aws-cdk/aws-iam/lib/policy-statement.ts
+++ b/packages/@aws-cdk/aws-iam/lib/policy-statement.ts
@@ -307,7 +307,19 @@ export enum Effect {
  * Condition for when an IAM policy is in effect. Maps from the keys in a request's context to
  * a string value or array of string values. See the Conditions interface for more details.
  */
-export type Condition = Record<string, any>;
+export type Condition = any;
+
+// NOTE! We'd ideally like to type this as `Record<string, any>`, because the
+// API expects a map which can take either strings or lists of strings.
+//
+// However, if we were to change this right now, the Java bindings for CDK would
+// emit a type of `Map<String, Object>`, but the most common types people would
+// instantiate would be an `ImmutableMap<String, String>` which would not be
+// assignable to `Map<String, Object>`. The types don't have a built-in notion
+// of co-contravariance, you have to indicate that on the type. So jsii would first
+// need to emit the type as `Map<String, ? extends Object>`.
+//
+// Feature request in https://github.com/aws/jsii/issues/1517
 
 /**
  * Conditions for when an IAM Policy is in effect, specified in the following structure:

From 015c7f5c7177773f9241c99d1f3a2fd0a56b3d47 Mon Sep 17 00:00:00 2001
From: Rico Huijbers <rix0rrr@gmail.com>
Date: Thu, 9 Apr 2020 09:28:42 +0000
Subject: [PATCH 2/4] chore(release): 1.32.1

---
 CHANGELOG.md | 7 +++++++
 lerna.json   | 2 +-
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 4ea14cd2eaee0..7c060f63b7f3e 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,13 @@
 
 All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
 
+### [1.32.1](https://github.com/aws/aws-cdk/compare/v1.32.0...v1.32.1) (2020-04-09)
+
+
+### Bug Fixes
+
+* new IAM Condition type is unusable in Java ([#7270](https://github.com/aws/aws-cdk/issues/7270)) ([85f606a](https://github.com/aws/aws-cdk/commit/85f606ad13e4e51b9f66330379a55ef76310a8ca))
+
 ## [1.32.0](https://github.com/aws/aws-cdk/compare/v1.31.0...v1.32.0) (2020-04-07)
 
 
diff --git a/lerna.json b/lerna.json
index fdb47e5b64fcd..117d79cdcb4d1 100644
--- a/lerna.json
+++ b/lerna.json
@@ -10,5 +10,5 @@
     "tools/*"
   ],
   "rejectCycles": "true",
-  "version": "1.32.0"
+  "version": "1.32.1"
 }

From 2ef99cea1b5e8a672757e542036af71aba6b6f65 Mon Sep 17 00:00:00 2001
From: Rico Huijbers <rix0rrr@gmail.com>
Date: Thu, 9 Apr 2020 12:57:55 +0200
Subject: [PATCH 3/4] Update CHANGELOG.md

---
 CHANGELOG.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 7c060f63b7f3e..0c3d2dbeece6d 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -7,7 +7,7 @@ All notable changes to this project will be documented in this file. See [standa
 
 ### Bug Fixes
 
-* new IAM Condition type is unusable in Java ([#7270](https://github.com/aws/aws-cdk/issues/7270)) ([85f606a](https://github.com/aws/aws-cdk/commit/85f606ad13e4e51b9f66330379a55ef76310a8ca))
+* **iam:** new IAM Condition type is unusable in Java ([#7270](https://github.com/aws/aws-cdk/issues/7270)) ([85f606a](https://github.com/aws/aws-cdk/commit/85f606ad13e4e51b9f66330379a55ef76310a8ca))
 
 ## [1.32.0](https://github.com/aws/aws-cdk/compare/v1.31.0...v1.32.0) (2020-04-07)
 

From b10fd92257eff967d727229ee92c3c0e8d7eed92 Mon Sep 17 00:00:00 2001
From: Rico Huijbers <rix0rrr@gmail.com>
Date: Thu, 9 Apr 2020 12:58:22 +0200
Subject: [PATCH 4/4] Update CHANGELOG.md

---
 CHANGELOG.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 0c3d2dbeece6d..949ffc0c44c56 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,7 +2,7 @@
 
 All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
 
-### [1.32.1](https://github.com/aws/aws-cdk/compare/v1.32.0...v1.32.1) (2020-04-09)
+## [1.32.1](https://github.com/aws/aws-cdk/compare/v1.32.0...v1.32.1) (2020-04-09)
 
 
 ### Bug Fixes