Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(release): 2.167.0 #32114

Merged
merged 24 commits into from
Nov 13, 2024
Merged

chore(release): 2.167.0 #32114

merged 24 commits into from
Nov 13, 2024

Commits on Nov 7, 2024

  1. docs(core): fix typo in Stack (#32047)

    found a very very small typo.
    
    ### Checklist
    - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)
    
    ----
    
    *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
    go-to-k authored Nov 7, 2024
    Configuration menu
    Copy the full SHA
    722b94c View commit details
    Browse the repository at this point in the history
  2. Configuration menu
    Copy the full SHA
    5c88cd1 View commit details
    Browse the repository at this point in the history
  3. Configuration menu
    Copy the full SHA
    74c0ac9 View commit details
    Browse the repository at this point in the history
  4. feat(ivs): support recording configuration for channel (#31899)

    ### Issue # (if applicable)
    
    Closes #31780.
    
    ### Reason for this change
    To use recording configuration for IVS channel.
    
    
    
    ### Description of changes
    * Add `RecordingConfiguration` Construct.
    * Add `recordingConfiguration` property to the Channel.
    
    
    
    ### Description of how you validated changes
    Add unit tests and integ test.
    
    
    
    ### Checklist
    - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)
    
    ----
    
    *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
    mazyu36 authored Nov 7, 2024
    Configuration menu
    Copy the full SHA
    8a3734d View commit details
    Browse the repository at this point in the history
  5. fix(scheduler-targets-alpha): add dlq policy to execution role instea…

    …d of queue policy (#32032)
    
    ### Issue # (if applicable)
    
    Tracking #31785.
    
    ### Reason for this change
    
    Currently if a dead letter queue (DLQ) is specified then a queue policy is created for the DLQ which allows the schedule to send messages. This is incorrect and the permissions should be added to the schedule's execution role instead.  
    
    ### Description of changes
    
    Add `sqs:SendMessage` permission to execution role's policy statement if dead letter queue is specified. This follows the [service docs](https://docs.aws.amazon.com/scheduler/latest/UserGuide/configuring-schedule-dlq.html#configuring-schedule-dlq-permissions) for configuring a schedule DLQ.
    
    Also removed cross-region validation as the deployment will fail fast for this case so the validation is unnecessary.
    
    ### Description of how you validated changes
    
    Updated unit tests and added a new integration test with dead letter queue setup on the schedule
    
    ### Checklist
    - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)
    
    ----
    
    *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
    gracelu0 authored Nov 7, 2024
    Configuration menu
    Copy the full SHA
    b953b2a View commit details
    Browse the repository at this point in the history
  6. feat(service-catalog): allow Product Stack to override analytics repo…

    …rting and stack descriptions (#31985)
    
    ### Issue # (if applicable)
    
    Closes #31924
    
    ### Reason for this change
    
    Product Stack cannot override analytics reporting and descriptions. Support these two props.
    
    ### Description of changes
    
    The reason I didn't choose to allow ProductStackProps to extend StackProps and instead manually add these two properties are because all of the other properties, i.e. `stackName`, `env`, `notificationArns`, `terminationProtection`, `crossRegionReferences`, `permissionsBoundary`, `suppressTemplateIndentation`, do not mutate the stack template but are used by CDK CLI. These properties have no impact on the Product Stack template generated and thus I did not include them.
    
    ### Description of how you validated changes
    
    Unit and integ tests added.
    
    ### Checklist
    - [ ] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)
    
    ----
    
    *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
    GavinZZ authored Nov 7, 2024
    Configuration menu
    Copy the full SHA
    d8ad02a View commit details
    Browse the repository at this point in the history
  7. feat(elasticloadbalancingv2): enable zonal shift for network load bal…

    …ancer (#31990)
    
    ### Issue # (if applicable)
    
    Closes #31983.
    
    ### Reason for this change
    
    AWS CDK does not support for configuring zonal shift for a NLB.
    
    ### Description of changes
    
    Add `zonalShift` prop to `NetworkLoadBalancerProps`
    
    ### Description of how you validated changes
    
    Add both unit and integ tests.
    
    ### Checklist
    - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)
    
    ----
    
    *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
    badmintoncryer authored Nov 7, 2024
    Configuration menu
    Copy the full SHA
    497abdc View commit details
    Browse the repository at this point in the history
  8. chore(codepipeline): generate stack name in codepipeline when stack n…

    …ame is unresolved token (#31967)
    
    ### Issue # (if applicable)
    
    Closes #31436.
    
    ### Reason for this change
    
    When nested stack is used with CodePipeline, the stack name is actually a token which will fail regex check. We can't simply add a `Token.isUnresolved` check before the regex check because stack name must be a resolved string otherwise the template file would include `Token[xxx]`.
    
    
    ### Description of changes
    
    The only feasible fix would be allowing users to override the nested stack name if users provide one. Currently nested stack names are auto-generated and are a token value. Allow users to specify the stack name.
    
    ### Description of how you validated changes
    
    New integ tests pass. Existing tests pass.
    
    ### Checklist
    - [ ] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)
    
    ----
    
    *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
    GavinZZ authored Nov 7, 2024
    Configuration menu
    Copy the full SHA
    a09ccdb View commit details
    Browse the repository at this point in the history

Commits on Nov 8, 2024

  1. feat(lambda): add Python 3.13 runtime (#32054)

    ### Issue # (if applicable)
    NA
    
    ### Reason for this change
    
    Adds Python 3.13 to the available [Lambda Runtimes constants](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_lambda.Runtime.html#initializer)
    
    ### Description of how you validated changes
    
    Have added integration tests to validate the runtime support
    
    ### Checklist
    - [ ] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)
    
    ----
    
    *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
    Vandita2020 authored Nov 8, 2024
    Configuration menu
    Copy the full SHA
    e0ebcfe View commit details
    Browse the repository at this point in the history
  2. feat(rds): support minor engine versions for oracle (#32058)

    This PR supports minor versions for oracle 19c and 21c.
    
    - 19c
      - 19.0.0.0.ru-2024-07.rur-2024-07.r1
      - 19.0.0.0.ru-2024-10.rur-2024-10.r1
    - 21c
      - 21.0.0.0.ru-2024-07.rur-2024-07.r1
      - 21.0.0.0.ru-2024-10.rur-2024-10.r1
    
    What's new and Ref
    
    - https://aws.amazon.com/jp/about-aws/whats-new/2024/11/amazon-rds-oracle-october-2024-update/
    - https://docs.aws.amazon.com/AmazonRDS/latest/OracleReleaseNotes/oracle-version-21-0.html
    - https://docs.aws.amazon.com/AmazonRDS/latest/OracleReleaseNotes/oracle-version-19-0.html
    
    ```sh
    ❯ aws rds describe-db-engine-versions --engine oracle-ee-cdb --query "DBEngineVersions[?EngineVersion=='19.0.0.0.ru-2024-07.rur-2024-07.r1'||EngineVersion=='19.0.0.0.ru-2024-10.rur-2024-10.r1'||EngineVersion=='21.0.0.0.ru-2024-07.rur-2024-07.r1'||EngineVersion=='21.0.0.0.ru-2024-10.rur-2024-10.r1'].[DBEngineVersionDescription,EngineVersion,DBParameterGroupFamily,MajorEngineVersion,Status]"
    [
        [
            "Oracle 19.0.0.0.ru-2024-07.rur-2024-07.r1",
            "19.0.0.0.ru-2024-07.rur-2024-07.r1",
            "oracle-ee-cdb-19",
            "19",
            "available"
        ],
        [
            "Oracle 19.0.0.0.ru-2024-10.rur-2024-10.r1",
            "19.0.0.0.ru-2024-10.rur-2024-10.r1",
            "oracle-ee-cdb-19",
            "19",
            "available"
        ],
        [
            "Oracle 21.0.0.0.ru-2024-07.rur-2024-07.r1",
            "21.0.0.0.ru-2024-07.rur-2024-07.r1",
            "oracle-ee-cdb-21",
            "21",
            "available"
        ],
        [
            "Oracle 21.0.0.0.ru-2024-10.rur-2024-10.r1",
            "21.0.0.0.ru-2024-10.rur-2024-10.r1",
            "oracle-ee-cdb-21",
            "21",
            "available"
        ]
    ]
    ```
    
    ### Checklist
    - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)
    
    ----
    
    *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
    go-to-k authored Nov 8, 2024
    Configuration menu
    Copy the full SHA
    3d72b63 View commit details
    Browse the repository at this point in the history
  3. feat(rds): support minor versions for RDS for SQL Server (#32055)

    Add some new minor versions for RDS for SQL Server.
    
    Ref: https://aws.amazon.com/about-aws/whats-new/2024/11/amazon-rds-sql-server-minor-versions-october-2024/
    
    ```sh
    aws rds describe-db-engine-versions --engine sqlserver-ee --query "DBEngineVersions[?EngineVersion=='13.00.6450.1.v1'||EngineVersion=='14.00.3480.1.v1'||EngineVersion=='15.00.4395.2.v1'||EngineVersion=='16.00.4150.1.v1'].[DBEngineVersionDescription,EngineVersion,DBParameterGroupFamily,MajorEngineVersion,Status]"
    
    [
        [
            "SQL Server 2016 13.00.6450.1.v1",
            "13.00.6450.1.v1",
            "sqlserver-ee-13.0",
            "13.00",
            "available"
        ],
        [
            "SQL Server 2017 14.00.3480.1.v1",
            "14.00.3480.1.v1",
            "sqlserver-ee-14.0",
            "14.00",
            "available"
        ],
        [
            "SQL Server 2019 15.00.4395.2.v1",
            "15.00.4395.2.v1",
            "sqlserver-ee-15.0",
            "15.00",
            "available"
        ],
        [
            "SQL Server 2022 16.00.4150.1.v1",
            "16.00.4150.1.v1",
            "sqlserver-ee-16.0",
            "16.00",
            "available"
        ]
    ]
    ```
    
    ### Checklist
    - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)
    
    ----
    
    *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
    mazyu36 authored Nov 8, 2024
    Configuration menu
    Copy the full SHA
    8c80bf8 View commit details
    Browse the repository at this point in the history
  4. feat(kms): support KEY_AGREEMENT for keyUsage (#30993)

    ### Issue # (if applicable)
    
    Closes #30989
    
    ### Reason for this change
    To support `KEY_AGREEMENT` for KeyUsage.
    
    
    ### Description of changes
    * Add `KEY_AGREEMENT` to KeyUsage enum
    * Add validation rule
    
    
    
    ### Description of how you validated changes
    Add unit test and integ test.
    
    
    
    ### Checklist
    - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)
    
    ----
    
    *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
    mazyu36 authored Nov 8, 2024
    Configuration menu
    Copy the full SHA
    2323877 View commit details
    Browse the repository at this point in the history
  5. fix(ecr): allow creating repository uri to use tokens like cfn params (

    …#32053)
    
    ### Issue # (if applicable)
    
    Closes #31860.
    
    ### Reason for this change
    Currently customers can pass one property `tagOrDigest` and if the customers pass a CFN parameter, CDK could not know if it is a tag or digest, and so the generated URI is not correct.
    
    Now the same parameter can supports Tokens, and it will generate a CFN condition to check if the value of this token is digest or tag, and then update the uri based on the condition output.
    
    
    ### Description of changes
    
    Check if the input is a Token, and so instead of determining if its value is a tag or digest in synth time, we create a CFN condition to do this check in CFN, and then determine how to build the repo uri.
    
    ### Description of how you validated changes
    
    Added unit test cases, and integration test cases with assertions.
    
    ### Checklist
    - [X] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)
    
    ----
    
    *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
    moelasmar authored Nov 8, 2024
    Configuration menu
    Copy the full SHA
    5648199 View commit details
    Browse the repository at this point in the history

Commits on Nov 11, 2024

  1. chore: code coverage configuration (#32079)

    Leverage [Codecov](https://about.codecov.io/) to enforce (new) code coverage requirements.
    
    Resolves #31931
    
    ----
    
    *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
    iliapolo authored Nov 11, 2024
    Configuration menu
    Copy the full SHA
    c5e738e View commit details
    Browse the repository at this point in the history
  2. chore: block mergify on codecov failures (#32082)

    Followup to #32079
    
    ----
    
    *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
    iliapolo authored Nov 11, 2024
    Configuration menu
    Copy the full SHA
    33872f3 View commit details
    Browse the repository at this point in the history
  3. feat: update L1 CloudFormation resource definitions (#32090)

    Updates the L1 CloudFormation resource definitions with the latest changes from `@aws-cdk/aws-service-spec`
    
    **L1 CloudFormation resource definition changes:**
    ```
    ├[~] service aws-appsync
    │ └ resources
    │    ├[~] resource AWS::AppSync::Api
    │    │ ├  - documentation: Creates a `GraphqlApi` object.
    │    │ │  + documentation: The `AWS::AppSync::Api` resource creates an AWS AppSync API that you can use for an AWS AppSync API with your preferred configuration, such as an Event API that provides real-time message publishing and message subscriptions over WebSockets.
    │    │ ├ properties
    │    │ │  ├ EventConfig: (documentation changed)
    │    │ │  ├ Name: (documentation changed)
    │    │ │  └ Tags: (documentation changed)
    │    │ ├ attributes
    │    │ │  ├ ApiArn: (documentation changed)
    │    │ │  ├ ApiId: (documentation changed)
    │    │ │  ├ Dns: - Map<string, string>
    │    │ │  │      + DnsMap
    │    │ │  ├[+] Dns.Http: string
    │    │ │  └[+] Dns.Realtime: string
    │    │ └ types
    │    │    ├[~] type AuthMode
    │    │    │ ├  - documentation: An auth mode.
    │    │    │ │  + documentation: Describes an authorization configuration. Use `AuthMode` to specify the publishing and subscription authorization configuration for an Event API.
    │    │    │ └ properties
    │    │    │    └ AuthType: (documentation changed)
    │    │    ├[~] type AuthProvider
    │    │    │ ├  - documentation: An auth provider for the AppSync API.
    │    │    │ │  + documentation: Describes an authorization provider.
    │    │    │ └ properties
    │    │    │    ├ AuthType: (documentation changed)
    │    │    │    ├ CognitoConfig: (documentation changed)
    │    │    │    ├ LambdaAuthorizerConfig: (documentation changed)
    │    │    │    └ OpenIDConnectConfig: (documentation changed)
    │    │    ├[~] type CognitoConfig
    │    │    │ ├  - documentation: Optional authorization configuration for using Amazon Cognito user pools with your API endpoint.
    │    │    │ │  + documentation: Describes an Amazon Cognito configuration.
    │    │    │ └ properties
    │    │    │    ├ AppIdClientRegex: (documentation changed)
    │    │    │    ├ AwsRegion: (documentation changed)
    │    │    │    └ UserPoolId: (documentation changed)
    │    │    ├[+] type DnsMap
    │    │    │ ├  documentation: A map of DNS names for the Api.
    │    │    │ │  name: DnsMap
    │    │    │ └ properties
    │    │    │    ├Realtime: string
    │    │    │    └Http: string
    │    │    ├[~] type EventConfig
    │    │    │ ├  - documentation: The configuration for an Event Api
    │    │    │ │  + documentation: Describes the authorization configuration for connections, message publishing, message subscriptions, and logging for an Event API.
    │    │    │ └ properties
    │    │    │    ├ AuthProviders: (documentation changed)
    │    │    │    ├ ConnectionAuthModes: (documentation changed)
    │    │    │    ├ DefaultPublishAuthModes: (documentation changed)
    │    │    │    ├ DefaultSubscribeAuthModes: (documentation changed)
    │    │    │    └ LogConfig: (documentation changed)
    │    │    └[~] type EventLogConfig
    │    │      ├  - documentation: The log config for the AppSync API.
    │    │      │  + documentation: Describes the CloudWatch Logs configuration for the Event API.
    │    │      └ properties
    │    │         ├ CloudWatchLogsRoleArn: (documentation changed)
    │    │         └ LogLevel: (documentation changed)
    │    └[~] resource AWS::AppSync::ChannelNamespace
    │      ├  - documentation: Resource schema for AppSync ChannelNamespace
    │      │  + documentation: The `AWS::AppSync::ChannelNamespace` resource creates a channel namespace associated with an `Api` . The `ChannelNamespace` contains the definitions for code handlers for the `Api` .
    │      ├ properties
    │      │  ├ ApiId: (documentation changed)
    │      │  ├ CodeHandlers: (documentation changed)
    │      │  ├ Name: (documentation changed)
    │      │  ├ PublishAuthModes: (documentation changed)
    │      │  ├ SubscribeAuthModes: (documentation changed)
    │      │  └ Tags: (documentation changed)
    │      ├ attributes
    │      │  └ ChannelNamespaceArn: (documentation changed)
    │      └ types
    │         └[~] type AuthMode
    │           ├  - documentation: An auth mode.
    │           │  + documentation: Describes an authorization configuration. Use `AuthMode` to specify the publishing and subscription authorization configuration for an Event API.
    │           └ properties
    │              └ AuthType: (documentation changed)
    ├[~] service aws-bedrock
    │ └ resources
    │    ├[~] resource AWS::Bedrock::ApplicationInferenceProfile
    │    │ ├  - documentation: Definition of AWS::Bedrock::ApplicationInferenceProfile Resource Type
    │    │ │  + documentation: Specifies an inference profile as a resource in a top-level template. Use the `ModelSource` field to specify the inference profile to copy into the resource. For more information about using inference profiles in Amazon Bedrock , see [Improve resilience with cross-region inference](https://docs.aws.amazon.com/bedrock/latest/userguide/cross-region-inference.html) .
    │    │ │  See the *Properties* section below for descriptions of both the required and optional properties.
    │    │ ├ properties
    │    │ │  ├ Description: (documentation changed)
    │    │ │  ├ InferenceProfileName: (documentation changed)
    │    │ │  ├ ModelSource: (documentation changed)
    │    │ │  └ Tags: (documentation changed)
    │    │ ├ attributes
    │    │ │  ├ CreatedAt: (documentation changed)
    │    │ │  ├ InferenceProfileArn: (documentation changed)
    │    │ │  ├ InferenceProfileId: (documentation changed)
    │    │ │  ├ InferenceProfileIdentifier: (documentation changed)
    │    │ │  ├ Models: (documentation changed)
    │    │ │  ├ Status: (documentation changed)
    │    │ │  ├ Type: (documentation changed)
    │    │ │  └ UpdatedAt: (documentation changed)
    │    │ └ types
    │    │    ├[~] type InferenceProfileModel
    │    │    │ ├  - documentation: Model configuration
    │    │    │ │  + documentation: Contains information about a model.
    │    │    │ └ properties
    │    │    │    └ ModelArn: (documentation changed)
    │    │    └[~] type InferenceProfileModelSource
    │    │      ├  - documentation: Various ways to encode a list of models in a CreateInferenceProfile request
    │    │      │  + documentation: Contains information about the model or system-defined inference profile that is the source for an inference profile..
    │    │      └ properties
    │    │         └ CopyFrom: (documentation changed)
    │    ├[~] resource AWS::Bedrock::FlowVersion
    │    │ └ attributes
    │    │    └ CustomerEncryptionKeyArn: (documentation changed)
    │    ├[~] resource AWS::Bedrock::KnowledgeBase
    │    │ └ types
    │    │    └[~] type VectorKnowledgeBaseConfiguration
    │    │      └ properties
    │    │         └ EmbeddingModelArn: (documentation changed)
    │    └[~] resource AWS::Bedrock::PromptVersion
    │      ├ properties
    │      │  └ Tags: (documentation changed)
    │      └ attributes
    │         └ CustomerEncryptionKeyArn: (documentation changed)
    ├[~] service aws-cleanrooms
    │ └ resources
    │    ├[~] resource AWS::CleanRooms::Collaboration
    │    │ └ properties
    │    │    └[+] AnalyticsEngine: string (immutable)
    │    └[~] resource AWS::CleanRooms::Membership
    │      └ types
    │         └[~] type ProtectedQueryS3OutputConfiguration
    │           └ properties
    │              └[+] SingleFileOutput: boolean
    ├[~] service aws-codebuild
    │ └ resources
    │    ├[~] resource AWS::CodeBuild::Fleet
    │    │ └ properties
    │    │    ├ ComputeType: (documentation changed)
    │    │    └ EnvironmentType: (documentation changed)
    │    └[~] resource AWS::CodeBuild::Project
    │      └ types
    │         └[~] type Environment
    │           └ properties
    │              └ ComputeType: (documentation changed)
    ├[~] service aws-datasync
    │ └ resources
    │    └[~] resource AWS::DataSync::Task
    │      └ properties
    │         └[+] TaskMode: string (immutable)
    ├[~] service aws-ec2
    │ └ resources
    │    ├[~] resource AWS::EC2::EIP
    │    │ └ properties
    │    │    ├ Address: (documentation changed)
    │    │    └ IpamPoolId: (documentation changed)
    │    └[+] resource AWS::EC2::SecurityGroupVpcAssociation
    │      ├  name: SecurityGroupVpcAssociation
    │      │  cloudFormationType: AWS::EC2::SecurityGroupVpcAssociation
    │      │  documentation: A security group association with a VPC.
    │      ├ properties
    │      │  ├GroupId: string (required, immutable)
    │      │  └VpcId: string (required, immutable)
    │      └ attributes
    │         ├VpcOwnerId: string
    │         ├State: string
    │         └StateReason: string
    ├[~] service aws-ecs
    │ └ resources
    │    ├[~] resource AWS::ECS::CapacityProvider
    │    │ └ types
    │    │    └[~] type ManagedScaling
    │    │      └ properties
    │    │         └ MinimumScalingStepSize: (documentation changed)
    │    ├[~] resource AWS::ECS::Service
    │    │ ├ properties
    │    │ │  └ DeploymentConfiguration: (documentation changed)
    │    │ └ types
    │    │    ├[~] type DeploymentConfiguration
    │    │    │ └  - documentation: Optional deployment parameters that control how many tasks run during the deployment and the failure detection methods.
    │    │    │    + documentation: Optional deployment parameters that control how many tasks run during a deployment and the ordering of stopping and starting tasks.
    │    │    └[~] type LoadBalancer
    │    │      └ properties
    │    │         └ LoadBalancerName: (documentation changed)
    │    └[~] resource AWS::ECS::TaskDefinition
    │      ├ properties
    │      │  ├ IpcMode: (documentation changed)
    │      │  ├ NetworkMode: (documentation changed)
    │      │  └ PidMode: (documentation changed)
    │      └ types
    │         ├[~] type PortMapping
    │         │ └ properties
    │         │    └ ContainerPort: (documentation changed)
    │         └[~] type RuntimePlatform
    │           └ properties
    │              ├ CpuArchitecture: (documentation changed)
    │              └ OperatingSystemFamily: (documentation changed)
    ├[~] service aws-elasticache
    │ └ resources
    │    └[~] resource AWS::ElastiCache::ReplicationGroup
    │      └ properties
    │         └ TransitEncryptionEnabled: (documentation changed)
    ├[~] service aws-elasticloadbalancingv2
    │ └ resources
    │    ├[~] resource AWS::ElasticLoadBalancingV2::Listener
    │    │ ├ properties
    │    │ │  ├ Port: (documentation changed)
    │    │ │  └ Protocol: (documentation changed)
    │    │ └ types
    │    │    └[~] type RedirectConfig
    │    │      └ properties
    │    │         └ Protocol: (documentation changed)
    │    ├[~] resource AWS::ElasticLoadBalancingV2::ListenerRule
    │    │ └ types
    │    │    └[~] type RedirectConfig
    │    │      └ properties
    │    │         └ Protocol: (documentation changed)
    │    ├[~] resource AWS::ElasticLoadBalancingV2::LoadBalancer
    │    │ ├ properties
    │    │ │  ├ IpAddressType: (documentation changed)
    │    │ │  ├ Scheme: (documentation changed)
    │    │ │  ├ SubnetMappings: (documentation changed)
    │    │ │  └ Subnets: (documentation changed)
    │    │ └ types
    │    │    └[~] type LoadBalancerAttribute
    │    │      └ properties
    │    │         └ Key: (documentation changed)
    │    └[~] resource AWS::ElasticLoadBalancingV2::TargetGroup
    │      ├ properties
    │      │  ├ HealthCheckEnabled: (documentation changed)
    │      │  └ IpAddressType: (documentation changed)
    │      └ types
    │         └[~] type TargetGroupAttribute
    │           └ properties
    │              └ Key: (documentation changed)
    ├[~] service aws-gamelift
    │ └ resources
    │    ├[~] resource AWS::GameLift::ContainerGroupDefinition
    │    │ ├  - documentation: *This data type is used with the Amazon GameLift containers feature, which is currently in public preview.*
    │    │ │  The properties that describe a container group resource. Container group definition properties can't be updated. To change a property, create a new container group definition.
    │    │ │  *Used with:* `CreateContainerGroupDefinition`
    │    │ │  *Returned by:* `DescribeContainerGroupDefinition` , `ListContainerGroupDefinitions`
    │    │ │  + documentation: *This data type is currently not available. It is under improvement as we respond to customer feedback from the Containers public preview.*
    │    │ │  The properties that describe a container group resource. Container group definition properties can't be updated. To change a property, create a new container group definition.
    │    │ │  *Used with:* `CreateContainerGroupDefinition`
    │    │ │  *Returned by:* `DescribeContainerGroupDefinition` , `ListContainerGroupDefinitions`
    │    │ ├ properties
    │    │ │  ├ TotalCpuLimit: (documentation changed)
    │    │ │  └ TotalMemoryLimit: (documentation changed)
    │    │ └ types
    │    │    ├[~] type ContainerDefinition
    │    │    │ └  - documentation: *This data type is used with the Amazon GameLift containers feature, which is currently in public preview.*
    │    │    │    Describes a container in a container fleet, the resources available to the container, and the commands that are run when the container starts. Container properties can't be updated. To change a property, create a new container group definition. See also `ContainerDefinitionInput` .
    │    │    │    *Part of:* `ContainerGroupDefinition`
    │    │    │    *Returned by:* `DescribeContainerGroupDefinition` , `ListContainerGroupDefinitions`
    │    │    │    + documentation: *This data type is currently not available. It is under improvement as we respond to customer feedback from the Containers public preview.*
    │    │    │    Describes a container in a container fleet, the resources available to the container, and the commands that are run when the container starts. Container properties can't be updated. To change a property, create a new container group definition. See also `ContainerDefinitionInput` .
    │    │    │    *Part of:* `ContainerGroupDefinition`
    │    │    │    *Returned by:* `DescribeContainerGroupDefinition` , `ListContainerGroupDefinitions`
    │    │    ├[~] type ContainerDependency
    │    │    │ └  - documentation: *This data type is used with the Amazon GameLift containers feature, which is currently in public preview.*
    │    │    │    A container's dependency on another container in the same container group. The dependency impacts how the dependent container is able to start or shut down based the status of the other container.
    │    │    │    For example, ContainerA is configured with the following dependency: a `START` dependency on ContainerB. This means that ContainerA can't start until ContainerB has started. It also means that ContainerA must shut down before ContainerB.
    │    │    │    *Part of:* `ContainerDefinition`
    │    │    │    + documentation: *This data type is currently not available. It is under improvement as we respond to customer feedback from the Containers public preview.*
    │    │    │    A container's dependency on another container in the same container group. The dependency impacts how the dependent container is able to start or shut down based the status of the other container.
    │    │    │    For example, ContainerA is configured with the following dependency: a `START` dependency on ContainerB. This means that ContainerA can't start until ContainerB has started. It also means that ContainerA must shut down before ContainerB.
    │    │    │    *Part of:* `ContainerDefinition`
    │    │    ├[~] type ContainerEnvironment
    │    │    │ └  - documentation: *This data type is used with the Amazon GameLift containers feature, which is currently in public preview.*
    │    │    │    An environment variable to set inside a container, in the form of a key-value pair.
    │    │    │    *Related data type:* `ContainerDefinition$Environment`
    │    │    │    + documentation: *This data type is currently not available. It is under improvement as we respond to customer feedback from the Containers public preview.*
    │    │    │    An environment variable to set inside a container, in the form of a key-value pair.
    │    │    │    *Related data type:* `ContainerDefinition$Environment`
    │    │    └[~] type ContainerPortRange
    │    │      └  - documentation: *This data type is used with the Amazon GameLift containers feature, which is currently in public preview.*
    │    │         A set of one or more port numbers that can be opened on the container.
    │    │         *Part of:* `ContainerPortConfiguration`
    │    │         + documentation: *This data type is currently not available. It is under improvement as we respond to customer feedback from the Containers public preview.*
    │    │         A set of one or more port numbers that can be opened on the container.
    │    │         *Part of:* `ContainerPortConfiguration`
    │    └[~] resource AWS::GameLift::Fleet
    │      ├ properties
    │      │  ├ ApplyCapacity: (documentation changed)
    │      │  ├ ContainerGroupsConfiguration: (documentation changed)
    │      │  ├ InstanceRoleARN: (documentation changed)
    │      │  └ InstanceRoleCredentialsProvider: (documentation changed)
    │      └ types
    │         ├[~] type ConnectionPortRange
    │         │ └  - documentation: *This operation has been expanded to use with the Amazon GameLift containers feature, which is currently in public preview.*
    │         │    The set of port numbers to open on each instance in a container fleet. Connection ports are used by inbound traffic to connect with processes that are running in containers on the fleet.
    │         │    *Part of:* `ContainerGroupsConfiguration` , `ContainerGroupsAttributes`
    │         │    + documentation: *This data type is currently not available. It is under improvement as we respond to customer feedback from the Containers public preview.*
    │         │    The set of port numbers to open on each instance in a container fleet. Connection ports are used by inbound traffic to connect with processes that are running in containers on the fleet.
    │         │    *Part of:* `ContainerGroupsConfiguration` , `ContainerGroupsAttributes`
    │         ├[~] type ContainerGroupsConfiguration
    │         │ └  - documentation: *This data type is used with the Amazon GameLift containers feature, which is currently in public preview.*
    │         │    Configuration details for a set of container groups, for use when creating a fleet with compute type `CONTAINER` .
    │         │    *Used with:* `CreateFleet`
    │         │    + documentation: *This data type is currently not available. It is under improvement as we respond to customer feedback from the Containers public preview.*
    │         │    Configuration details for a set of container groups, for use when creating a fleet with compute type `CONTAINER` .
    │         │    *Used with:* `CreateFleet`
    │         ├[~] type ContainerGroupsPerInstance
    │         │ └  - documentation: *This data type is used with the Amazon GameLift containers feature, which is currently in public preview.*
    │         │    Determines how many replica container groups that Amazon GameLift deploys to each instance in a container fleet.
    │         │    Amazon GameLift calculates the maximum possible replica groups per instance based on the instance 's CPU and memory resources. When deploying a fleet, Amazon GameLift places replica container groups on each fleet instance based on the following:
    │         │    - If no desired value is set, Amazon GameLift places the calculated maximum.
    │         │    - If a desired number is set to a value higher than the calculated maximum, fleet creation fails..
    │         │    - If a desired number is set to a value lower than the calculated maximum, Amazon GameLift places the desired number.
    │         │    *Part of:* `ContainerGroupsConfiguration` , `ContainerGroupsAttributes`
    │         │    *Returned by:* `DescribeFleetAttributes` , `CreateFleet`
    │         │    + documentation: *This data type is currently not available. It is under improvement as we respond to customer feedback from the Containers public preview.*
    │         │    Determines how many replica container groups that Amazon GameLift deploys to each instance in a container fleet.
    │         │    Amazon GameLift calculates the maximum possible replica groups per instance based on the instance 's CPU and memory resources. When deploying a fleet, Amazon GameLift places replica container groups on each fleet instance based on the following:
    │         │    - If no desired value is set, Amazon GameLift places the calculated maximum.
    │         │    - If a desired number is set to a value higher than the calculated maximum, fleet creation fails..
    │         │    - If a desired number is set to a value lower than the calculated maximum, Amazon GameLift places the desired number.
    │         │    *Part of:* `ContainerGroupsConfiguration` , `ContainerGroupsAttributes`
    │         │    *Returned by:* `DescribeFleetAttributes` , `CreateFleet`
    │         ├[~] type LocationCapacity
    │         │ └  - documentation: Current resource capacity settings for managed EC2 fleets and container fleets. For multi-location fleets, location values might refer to a fleet's remote location or its home Region.
    │         │    *Returned by:* [DescribeFleetCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetCapacity.html) , [DescribeFleetLocationCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetLocationCapacity.html) , [UpdateFleetCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateFleetCapacity.html)
    │         │    + documentation: Current resource capacity settings for managed EC2 fleets. For multi-location fleets, location values might refer to a fleet's remote location or its home Region.
    │         │    *Returned by:* [DescribeFleetCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetCapacity.html) , [DescribeFleetLocationCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetLocationCapacity.html) , [UpdateFleetCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateFleetCapacity.html)
    │         ├[~] type LocationConfiguration
    │         │ ├  - documentation: *This data type has been expanded to use with the Amazon GameLift containers feature, which is currently in public preview.*
    │         │ │  A remote location where a multi-location fleet can deploy game servers for game hosting.
    │         │ │  + documentation: A remote location where a multi-location fleet can deploy game servers for game hosting.
    │         │ └ properties
    │         │    └ LocationCapacity: (documentation changed)
    │         ├[~] type RuntimeConfiguration
    │         │ └ properties
    │         │    └ MaxConcurrentGameSessionActivations: (documentation changed)
    │         └[~] type ServerProcess
    │           └ properties
    │              └ ConcurrentExecutions: (documentation changed)
    ├[~] service aws-inspectorv2
    │ └ resources
    │    └[~] resource AWS::InspectorV2::CisScanConfiguration
    │      └ types
    │         └[~] type CisTargets
    │           └ properties
    │              └ TargetResourceTags: - Map<string, Array<string>>
    │                                    + Map<string, Array<string>> (required)
    ├[~] service aws-lambda
    │ └ resources
    │    └[~] resource AWS::Lambda::Function
    │      └ types
    │         └[~] type Code
    │           ├  - documentation: The [deployment package](https://docs.aws.amazon.com/lambda/latest/dg/gettingstarted-package.html) for a Lambda function. To deploy a function defined as a container image, you specify the location of a container image in the Amazon ECR registry. For a .zip file deployment package, you can specify the location of an object in Amazon S3. For Node.js and Python functions, you can specify the function code inline in the template.
    │           │  Changes to a deployment package in Amazon S3 or a container image in ECR are not detected automatically during stack updates. To update the function code, change the object key or version in the template.
    │           │  + documentation: The [deployment package](https://docs.aws.amazon.com/lambda/latest/dg/gettingstarted-package.html) for a Lambda function. To deploy a function defined as a container image, you specify the location of a container image in the Amazon ECR registry. For a .zip file deployment package, you can specify the location of an object in Amazon S3. For Node.js and Python functions, you can specify the function code inline in the template.
    │           │  > When you specify source code inline for a Node.js function, the `index` file that AWS CloudFormation creates uses the extension `.js` . This means that Lambda treats the file as a CommonJS module. ES modules aren't supported for inline functions. 
    │           │  Changes to a deployment package in Amazon S3 or a container image in ECR are not detected automatically during stack updates. To update the function code, change the object key or version in the template.
    │           └ properties
    │              └ ZipFile: (documentation changed)
    ├[~] service aws-logs
    │ └ resources
    │    ├[~] resource AWS::Logs::Delivery
    │    │ └ properties
    │    │    ├[+] FieldDelimiter: string
    │    │    ├[+] RecordFields: Array<string>
    │    │    ├[+] S3EnableHiveCompatiblePath: boolean
    │    │    └[+] S3SuffixPath: string
    │    └[~] resource AWS::Logs::DeliveryDestination
    │      └ properties
    │         └[+] OutputFormat: string (immutable)
    ├[~] service aws-nimblestudio
    │ └ resources
    │    ├[~] resource AWS::NimbleStudio::LaunchProfile
    │    │ └ types
    │    │    ├[~] type StreamConfiguration
    │    │    │ └ properties
    │    │    │    ├ MaxSessionLengthInMinutes: - number (default=690)
    │    │    │    │                            + number
    │    │    │    └ MaxStoppedSessionLengthInMinutes: - number (default=0)
    │    │    │                                        + number
    │    │    ├[~] type StreamConfigurationSessionBackup
    │    │    │ └ properties
    │    │    │    └ MaxBackupsToRetain: - number (default=0)
    │    │    │                          + number
    │    │    └[~] type VolumeConfiguration
    │    │      └ properties
    │    │         ├ Iops: - number (default=3000)
    │    │         │       + number
    │    │         ├ Size: - number (default=500)
    │    │         │       + number
    │    │         └ Throughput: - number (default=125)
    │    │                       + number
    │    ├[~] resource AWS::NimbleStudio::StreamingImage
    │    │ └ attributes
    │    │    └ EncryptionConfiguration: (documentation changed)
    │    └[~] resource AWS::NimbleStudio::StudioComponent
    │      └ properties
    │         ├[-] RuntimeRoleArn: string
    │         └[-] SecureInitializationRoleArn: string
    ├[~] service aws-quicksight
    │ └ resources
    │    └[~] resource AWS::QuickSight::DataSource
    │      └ types
    │         ├[+] type OAuthParameters
    │         │ ├  name: OAuthParameters
    │         │ └ properties
    │         │    ├TokenProviderUrl: string (required)
    │         │    ├OAuthScope: string
    │         │    ├IdentityProviderVpcConnectionProperties: VpcConnectionProperties
    │         │    └IdentityProviderResourceUri: string
    │         ├[~] type SnowflakeParameters
    │         │ └ properties
    │         │    ├[+] AuthenticationType: string
    │         │    ├[+] DatabaseAccessControlRole: string
    │         │    └[+] OAuthParameters: OAuthParameters
    │         └[~] type StarburstParameters
    │           └ properties
    │              ├[+] AuthenticationType: string
    │              ├[+] DatabaseAccessControlRole: string
    │              └[+] OAuthParameters: OAuthParameters
    ├[~] service aws-rds
    │ └ resources
    │    ├[~] resource AWS::RDS::DBCluster
    │    │ └ properties
    │    │    └[+] ClusterScalabilityType: string (immutable)
    │    └[+] resource AWS::RDS::DBShardGroup
    │      ├  name: DBShardGroup
    │      │  cloudFormationType: AWS::RDS::DBShardGroup
    │      │  documentation: Creates a new DB shard group for Aurora Limitless Database. You must enable Aurora Limitless Database to create a DB shard group.
    │      │  Valid for: Aurora DB clusters only
    │      │  tagInformation: {"tagPropertyName":"Tags","variant":"standard"}
    │      ├ properties
    │      │  ├DBShardGroupIdentifier: string (immutable)
    │      │  ├DBClusterIdentifier: string (required, immutable)
    │      │  ├ComputeRedundancy: integer
    │      │  ├MaxACU: number (required)
    │      │  ├MinACU: number
    │      │  ├PubliclyAccessible: boolean (immutable)
    │      │  └Tags: Array<tag>
    │      └ attributes
    │         ├DBShardGroupResourceId: string
    │         └Endpoint: string
    ├[~] service aws-ses
    │ └ resources
    │    ├[~] resource AWS::SES::ConfigurationSet
    │    │ └ types
    │    │    └[~] type DeliveryOptions
    │    │      └ properties
    │    │         └ MaxDeliverySeconds: (documentation changed)
    │    └[~] resource AWS::SES::Template
    │      └ types
    │         └[~] type Template
    │           └  - documentation: An object that defines the email template to use for an email message, and the values to use for any message variables in that template. An *email template* is a type of message template that contains content that you want to define, save, and reuse in email messages that you send.
    │              + documentation: An object that defines the email template to use for an email message, and the values to use for any message variables in that template. An *email template* is a type of message template that contains content that you want to reuse in email messages that you send. You can specifiy the email template by providing the name or ARN of an *email template* previously saved in your Amazon SES account or by providing the full template content.
    └[~] service aws-wisdom
      └ resources
         ├[~] resource AWS::Wisdom::AIAgent
         │ ├  - documentation: Definition of AWS::Wisdom::AIAgent Resource Type
         │ │  + documentation: Creates an Amazon Q in Connect AI Agent.
         │ ├ properties
         │ │  ├ AssistantId: (documentation changed)
         │ │  ├ Configuration: (documentation changed)
         │ │  ├ Description: (documentation changed)
         │ │  ├ Name: (documentation changed)
         │ │  ├ Tags: (documentation changed)
         │ │  └ Type: (documentation changed)
         │ └ attributes
         │    ├ AIAgentArn: (documentation changed)
         │    ├ AIAgentId: (documentation changed)
         │    └ AssistantArn: (documentation changed)
         ├[+] resource AWS::Wisdom::AIAgentVersion
         │ ├  name: AIAgentVersion
         │ │  cloudFormationType: AWS::Wisdom::AIAgentVersion
         │ │  documentation: Creates and Amazon Q in Connect AI Agent version.
         │ ├ properties
         │ │  ├AIAgentId: string (required, immutable)
         │ │  ├AssistantId: string (required, immutable)
         │ │  └ModifiedTimeSeconds: number (immutable)
         │ └ attributes
         │    ├AIAgentVersionId: string
         │    ├AIAgentArn: string
         │    ├AssistantArn: string
         │    └VersionNumber: number
         └[~] resource AWS::Wisdom::AIPromptVersion
           ├  - documentation: Definition of AWS::Wisdom::AIPromptVersion Resource Type
           │  + documentation: Creates an Amazon Q in Connect AI Prompt version.
           └ attributes
              └ VersionNumber: (documentation changed)
    ```
    aws-cdk-automation authored Nov 11, 2024
    Configuration menu
    Copy the full SHA
    6303b72 View commit details
    Browse the repository at this point in the history

Commits on Nov 12, 2024

  1. feat(cli): upgrade aws-sdk to sdkv3 (#31702)

    This PR updates the CDK CLI to use the AWS SDK V3 instead of V2. 
    
    ### Manual Test Cases for Authorization
    All tests were run verbosely so that I could manually check the
    credentials being used from the CLI output.
    
    - [x] No credentials setup and no default profile fails as expected
    (established to ensure nothing was unintentionally setup)
    - [x] Explicitly provided profile sourced from config file, tested with
    both `--profile` and `AWS_PROFILE`
      - [x] `aws_access_key_id` and `aws_secret_access_key`
      - [x] `aws_access_key_id` and `aws_secret_access_key` and `region`
    - [x] `source_profile` and `role_arn` that points to another profile
    with `aws_access_key_id` and `aws_secret_access_key` in both config and
    credentials
      - [x] `source_profile` and `role_arn` that points to Environment
    - [x] `source_profile` that and `role_arn` that points to SSO profile in
    both config and credentials
    - [x] SSO both using all fields in `[profile]` and split between
    `[sso-session]` and `[profile]`
      - [x] `credential_source` is Environment
      - [x] `credential_process`
    - [x] Explicitly provided profile sourced from  credentials file
      - [x] `aws_access_key_id` and `aws_secret_access_key`
      - [x] `aws_access_key_id` and `aws_secret_access_key` and `region`
    - [x] `source_profile` and `role_arn` that points to another profile
    with `aws_access_key_id` and `aws_secret_access_key` in both config and
    credentials
      - [x] `source_profile` and `role_arn` that points to Environment
    - [x] `source_profile` that and `role_arn` that points to SSO profile in
    both config and credentials
      - [x]  `credential_source` is Environment
      - [x] `credential_source` is EcsContainer (integ tests in CodeBuild)
      - [x] `credential_process`
    - [x] Default profile (in both config file and credentials file)
    - [x] `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` environment
    variables set (cleared after test)
    - [x] `AMAZON_ACCESS_KEY_ID` and `AMAZON_SECRET_ACCESS_KEY` environment
    variables set (cleared after test)
      - [x] `aws_access_key_id` and `aws_secret_access_key`
      - [x] `aws_access_key_id` and `aws_secret_access_key` and `region`
    - [x] `source_profile` and `role_arn` that points to a profile with
    `aws_access_key_id` and `aws_secret_access_key`
    - [x] `source_profile` and `role_arn` that points to Environment (this
    will use `fromEnv` prior to getting to looking for `source_profile` in
    the Ini file)
      - [x] SSO profile is setup as default 
      - [x] `credential_process`
    
    Closes #25870, #26292, #20956, #24744, #27265, 20896.
    
    ### Reason for this change
    
    The AWS SDK V2 is now in maintenance mode.
    
    ----
    
    *By submitting this pull request, I confirm that my contribution is made
    under the terms of the Apache-2.0 license*
    
    ---------
    
    Co-authored-by: Otavio Macedo <[email protected]>
    Co-authored-by: Rico Huijbers <[email protected]>
    3 people authored Nov 12, 2024
    Configuration menu
    Copy the full SHA
    5bc0662 View commit details
    Browse the repository at this point in the history
  2. chore: make @aws-cdk/yargs-gen a devDependency (#32096)

    `yargs-gen` used to be a runtime dependency. The only reason seemed to be that there was a factory class for `DynamicResult` types in `yargs-gen`, called `DynamicValue`.
    
    In this PR, move the factory to the only location where it is used in the CLI itself, and turn the `import` of `yargs-gen` into an `import type`, which does not imply any runtime dependency.
    
    ----
    
    *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
    rix0rrr authored Nov 12, 2024
    Configuration menu
    Copy the full SHA
    338d4c2 View commit details
    Browse the repository at this point in the history
  3. feat(redshift): relocating a cluster (#31993)

    ### Issue # (if applicable)
    
    None
    
    ### Reason for this change
    
    AWS Redshift supports for configuring [relocation a cluster](https://docs.aws.amazon.com/redshift/latest/mgmt/managing-cluster-recovery.html) and this feature is supported by [cfn](https://docs.aws.amazon.com/ja_jp/AWSCloudFormation/latest/UserGuide/aws-resource-redshift-cluster.html#cfn-redshift-cluster-availabilityzonerelocationstatus).
    
    ### Description of changes
    
    Add `availabilityZoneRelocation` to `CusterProps`.
    
    [Documents](https://docs.aws.amazon.com/redshift/latest/mgmt/managing-cluster-recovery.html) says that this feature is not supported for DC2 node type.
    
    ```
    Relocation isn't supported on DC2 instance families of products.
    ```
    
    However, this feature is only supported for RA3 node type in actual.
    
    Example implementation:
    ```ts
    new redshift.Cluster(stack, 'Cluster', {
      vpc: vpc,
      masterUser: {
        masterUsername: 'admin',
      },
      availabilityZoneRelocation: true,
      nodeType: redshift.NodeType.DC2_LARGE,
    });
    ```
    
    Result:
    ```sh
    Failed resources:
    AzRelocationClusterStack | 6:52:00 PM | CREATE_FAILED        | AWS::Redshift::Cluster                      | Cluster (ClusterEB0386A7) Resource handler returned message: "If the cluster node type isn?t RA3, availability zone relocation isn?t supported. (Service: Redshift, Status Code: 400, Request ID: 6382b593-cce5-4fe5-b4de-de1ad1c3a604)" (RequestToken: 94c999d9-7b72-19c4-9cfe-154fe6abc717, HandlerErrorCode: GeneralServiceException)
    ```
    
    So I added this validation.
    
    ```ts
        if (props.availabilityZoneRelocation && !nodeType.startsWith('ra3')) {
          throw new Error(`Availability zone relocation is supported for only RA3 node types, got: ${props.nodeType}`);
        }
    ```
    
    ### Description of how you validated changes
    
    Add both unit and integ tests.
    
    ### Checklist
    - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)
    
    ----
    
    *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
    badmintoncryer authored Nov 12, 2024
    Configuration menu
    Copy the full SHA
    b763d86 View commit details
    Browse the repository at this point in the history

Commits on Nov 13, 2024

  1. chore: exclude some logs-monitor code from coverage (#32107)

    Code that *may* or *may not* run should be excluded from coverage.
    
    ----
    
    *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
    iliapolo authored Nov 13, 2024
    Configuration menu
    Copy the full SHA
    61a421c View commit details
    Browse the repository at this point in the history
  2. chore: disable codecov workflow on forks (#32109)

    We shouldn't be trying to publish codecov results when the workflow runs in a fork. Nevermind that it will most likely fail because a token is required. 
    
    ----
    
    *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
    iliapolo authored Nov 13, 2024
    Configuration menu
    Copy the full SHA
    f598885 View commit details
    Browse the repository at this point in the history
  3. feat(lambda): support for customer managed encryption (CMCMK) (#32072)

    ### Issue # (if applicable)
    NA
    
    ### Reason for this change
    
    AWS Lambda is adding a new feature that allows customers to use their
    own AWS KMS keys to encrypt their Lambda function code stored in Amazon
    S3. This gives customers greater control and flexibility over the
    encryption of their sensitive data and code. The new SourceKMSKeyArn
    field in the Lambda function's Code object enables customers to specify
    the ARN of the KMS key to be used for encryption.
    
    ### Description of how you validated changes
    
    Have added unit tests and integration test to verify the feature.
    
    ### Checklist
    - [ ] My code adheres to the [CONTRIBUTING
    GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and
    [DESIGN
    GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)
    
    ----
    
    *By submitting this pull request, I confirm that my contribution is made
    under the terms of the Apache-2.0 license*
    Vandita2020 authored Nov 13, 2024
    Configuration menu
    Copy the full SHA
    2f16415 View commit details
    Browse the repository at this point in the history
  4. feat(lambda): add supportsSnapStart config to dotnet8 and python 3.12 (

    …#32112)
    
    ### Issue # (if applicable)
    
    N/A
    
    ### Description of changes
    
    This change adds supportsSnapStart as true to dotnet8. This change is needed as Lambda Runtimes team is working on launching Snapstart support for dotnet8.
    
    Original PR raised by @Beau-Gosse-dev
    
    ### Description of how you validated changes
    
    Verified the change is the same as Python and Java.
    
    In addition, added new integ test
    
    ### Checklist
    - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)
    
    ----
    
    *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
    Leo10Gama authored Nov 13, 2024
    Configuration menu
    Copy the full SHA
    53f4713 View commit details
    Browse the repository at this point in the history
  5. chore(release): 2.167.0

    AWS CDK Team committed Nov 13, 2024
    Configuration menu
    Copy the full SHA
    589df9c View commit details
    Browse the repository at this point in the history