chore(release): 2.134.0 #29621
Merged
chore(release): 2.134.0 #29621
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
### Issue # (if applicable) ### Reason for this change Typos in doc ### Description of changes ### Description of how you validated changes ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…service principal in VPCEService `allowedPrincipals` (#29512) `VpcEndpointService` has the member `allowedPrincipals` which is of type `ArnPrincipal[]`. However, `ServicePrincipal` is also valid and works in the AWS console. This documentation update includes a workaround for including service principals in the `allowedPrincipals`. ### Issue #29478 Closes #29478 ### Reason for this change `VpcEndpointService` has the member `allowedPrincipals` which is of type `ArnPrincipal[]`. However, if you use the AWS console, allowlisting a service principal is supported as well. Users are not able to use the type `ServicePrincipal` in `allowedPrincipals` in CDK. This is a feature gap. I brought this up in #29478, and was told that the type couldn't be changed, but the workaround I was using could be added to the documentation. ### Description of changes Documentation update for the `aws-ec2` module which includes a workaround for including service principals in the `allowedPrincipals`. ### Description of how you validated changes N/A - minor documentation changes only ### Checklist - [X] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
### Issue # (if applicable) part of #29186 (comment) same as #29333 ### Reason for this change CFN stack gets stuck after `yarn integ` because of not being able to create ECS service. ``` AWS::ECS::Service | CREATE_IN_PROGRESS ``` ``` $ aws ecs describe-tasks --cluster aws-ecs-integ-lb-fargate-cmd-entrypoint-xxx --tasks xxxxxxxxxxxxxxx | jq '.tasks[].stopCode' "EssentialContainerExited" ``` ### Description of changes Change `taskImageOptions` `image`, `command`, `entryPoint` and add security group. Ref: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/example_task_definitions.html#example_task_definition-webserver ### Description of how you validated changes Pass integration tests ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Updates the L1 CloudFormation resource definitions with the latest changes from `@aws-cdk/aws-service-spec`
**L1 CloudFormation resource definition changes:**
```
└[~] service aws-resiliencehub
└ resources
└[~] resource AWS::ResilienceHub::ResiliencyPolicy
├ properties
│ └ Policy: - PolicyMap ⇐ Map<string, FailurePolicy> (required)
│ + Map<string, FailurePolicy> (required)
└ types
└[-] type PolicyMap
├ name: PolicyMap
└ properties
├AZ: FailurePolicy (required)
├Hardware: FailurePolicy (required)
├Software: FailurePolicy (required)
└Region: FailurePolicy
```
I used [this doc](https://docs.aws.amazon.com/vpc/latest/privatelink/aws-services-privatelink-support.html) for the "friendly" names and tried to make them as close as possible to the AWS service names. Closes #29523. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Ran npm-check-updates and yarn upgrade to keep the `yarn.lock` file up-to-date.
Closes #29572. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…n README (#29545) ### Reason for this change I didn't know which APIs are implemented at a glance because some headers are omitted in the README. ### Description of changes I added headers for all APIs and updated the table of contents to show all headers. ### Description of how you validated changes I checked the preview of the markdown format. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
### Issue # (if applicable) Closes #29503. ### Reason for this change [ALB supports configuring client keepalive duration](https://aws.amazon.com/jp/about-aws/whats-new/2024/03/application-load-balancer-http-keepalive-duration/) but AWS CDK cannot do that. ### Description of changes Add `clientKeepAlive` properties to `ApplicationLoadBalancerProps`. ```ts new elbv2.ApplicationLoadBalancer(stack, 'LB', { vpc, clientKeepAlive: Duration.seconds(250), }); ``` ### Description of how you validated changes I've added both integ and unit tests ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…ator (#29537) ### Issue # (if applicable) n/a ### Reason for this change Support new partitions from the AWS JS SDK: https://github.com/aws/aws-sdk-js-v3/blob/05c32e74595113347211ba0584197b665ebab1db/packages/util-endpoints/src/lib/aws/partitions.json#L190-L2 ### Description of changes Support new partitions from the AWS JS SDK: https://github.com/aws/aws-sdk-js-v3/blob/05c32e74595113347211ba0584197b665ebab1db/packages/util-endpoints/src/lib/aws/partitions.json#L190-L214 ### Description of how you validated changes This is a minor update to a mapping that has no existing unit tests. I'm happy to add if desired, but likely unnecessary. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
### Issue # (if applicable) None as far as I can tell ### Reason for this change I was looking at the WebSocket integration to get a feel for #29562, and noticed a couple of missing properties ### Description of changes * Added support for `timeout` and `contentHandling` * Minor copy-pasta fixes in documentation and test description ### Description of how you validated changes I've added unit tests to check these optional properties. I've also updated and verified the following integrations tests: * `integ.lambda.ts`: * `ContentHandlingStrategy` and `TimeoutInMillis` are both correctly set ```sh $ aws apigatewayv2 get-integration --api-id bu24s9i8t0 --integration-id fxqec8c { "ConnectionType": "INTERNET", "ContentHandlingStrategy": "CONVERT_TO_TEXT", "IntegrationId": "fxqec8c", "IntegrationMethod": "POST", "IntegrationType": "AWS_PROXY", "IntegrationUri": "arn:aws:apigateway:us-east-1:lambda:path/2015-03-31/functions/arn:aws:lambda:us-east-1:637423343434:function:WebSocketApiInteg-DefaultHandler604DF7AC-GSQYxsiaKjkz/invocations", "PassthroughBehavior": "WHEN_NO_MATCH", "PayloadFormatVersion": "1.0", "RequestTemplates": {}, "TimeoutInMillis": 10000 } ``` * `integ.aws.ts`: * `ContentHandlingStrategy`, `TemplateSelectionExpression`, `TimeoutInMillis`, `PassthroughBehavior`, and `RequestParameters` are all correctly set ```sh $ aws apigatewayv2 get-integration --api-id qp17tw07w3 --integration-id hycmjxb { "ConnectionType": "INTERNET", "ContentHandlingStrategy": "CONVERT_TO_BINARY", "CredentialsArn": "arn:aws:iam::637423343434:role/integ-aws-websocket-integrat-ApiGatewayRoleD2518903-i80lztfxo5XI", "IntegrationId": "hycmjxb", "IntegrationMethod": "POST", "IntegrationResponseSelectionExpression": "${integration.response.statuscode}", "IntegrationType": "AWS", "IntegrationUri": "arn:aws:apigateway:us-east-1:dynamodb:action/PutItem", "PassthroughBehavior": "WHEN_NO_TEMPLATES", "PayloadFormatVersion": "1.0", "RequestParameters": { "integration.request.header.Content-Type": "'application/x-www-form-urlencoded'" }, "RequestTemplates": { "application/json": "{\"TableName\":\"MyTable\",\"Item\":{\"id\":{\"S\":\"$context.requestId\"}}}" }, "TemplateSelectionExpression": "\\$default", "TimeoutInMillis": 10000 } ``` ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
### Issue # (if applicable) Could not find any in the backlog ### Reason for this change Update the CDK listed Bedrock foundation models to match the current availability, as well as add missing deprecated versions ### Description of changes * Added new models * Marked existing models as deprecated ### Description of how you validated changes I compared the current CDK models to live SDK data, using the `bedrock:ListFoundationModels` API results. Deprecated versions were established using the `modelLifecycle.status` field ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
) Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files) from 43.0.0 to 43.0.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/changed-files/releases">tj-actions/changed-files's releases</a>.</em></p> <blockquote> <h2>v43.0.1</h2> <h2>What's Changed</h2> <ul> <li>Upgraded to v43 by <a href="https://github.com/tj-actions-bot"><code>@tj-actions-bot</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/1990">tj-actions/changed-files#1990</a></li> <li>chore(deps): update dependency <code>@types/node</code> to v20.11.28 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/1991">tj-actions/changed-files#1991</a></li> <li>chore(deps): lock file maintenance by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/1992">tj-actions/changed-files#1992</a></li> <li>chore(deps): update typescript-eslint monorepo to v7.3.0 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/1993">tj-actions/changed-files#1993</a></li> <li>chore(deps): update dependency <code>@types/node</code> to v20.11.29 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/1994">tj-actions/changed-files#1994</a></li> <li>Bump <code>@typescript-eslint/parser</code> from 7.3.0 to 7.3.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/1996">tj-actions/changed-files#1996</a></li> <li>chore(deps): update dependency <code>@typescript-eslint/eslint-plugin</code> to v7.3.1 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/1997">tj-actions/changed-files#1997</a></li> <li>Bump <code>@typescript-eslint/eslint-plugin</code> from 7.3.0 to 7.3.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/1995">tj-actions/changed-files#1995</a></li> <li>chore(deps): update dependency <code>@types/node</code> to v20.11.30 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/1998">tj-actions/changed-files#1998</a></li> <li>chore: update inputs.ts adding comment about fetch_depth by <a href="https://github.com/jackton1"><code>@jackton1</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2000">tj-actions/changed-files#2000</a></li> <li>fix: remove warning with detecting the local git repository when using Github's REST API by <a href="https://github.com/jackton1"><code>@jackton1</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2002">tj-actions/changed-files#2002</a></li> <li>chore(deps): update dependency typescript to v5.4.3 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2003">tj-actions/changed-files#2003</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/tj-actions/changed-files/compare/v43...v43.0.1">https://github.com/tj-actions/changed-files/compare/v43...v43.0.1</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h1><a href="https://github.com/tj-actions/changed-files/compare/v43.0.0...v43.0.1">43.0.1</a> - (2024-03-20)</h1> <h2>🐛 Bug Fixes</h2> <ul> <li>Remove warning with detecting the local git repository when using Github's REST API (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2002">#2002</a>) (<a href="https://github.com/tj-actions/changed-files/commit/077b23f6a68d9322b1b4ed4d0c88791b30b314d8">077b23f</a>) - (Tonye Jack)</li> </ul> <h2>📦 Bumps</h2> <ul> <li>Bump <code>@typescript-eslint/eslint-plugin</code> from 7.3.0 to 7.3.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/1995">#1995</a>)</li> </ul> <p>Signed-off-by: dependabot[bot] <a href="mailto:support@github.com">support@github.com</a> Co-authored-by: dependabot[bot] Co-authored-by: repo-ranger[bot] (<a href="https://github.com/tj-actions/changed-files/commit/5c6aa4947834d6dd7af1de76ed0e000a8cbc0964">5c6aa49</a>) - (dependabot[bot])</p> <ul> <li>Bump <code>@typescript-eslint/parser</code> from 7.3.0 to 7.3.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/1996">#1996</a>)</li> </ul> <p>Signed-off-by: dependabot[bot] <a href="mailto:support@github.com">support@github.com</a> Co-authored-by: dependabot[bot] (<a href="https://github.com/tj-actions/changed-files/commit/0320702dd5d94814f6c31f81f51dda71ff2d2afc">0320702</a>) - (dependabot[bot])</p> <h2>🔄 Update</h2> <ul> <li>Update README.md (<a href="https://github.com/tj-actions/changed-files/commit/2859a60726ea6e36242029176333d2d37880bbc5">2859a60</a>) - (Tonye Jack)</li> </ul> <h2>⚙️ Miscellaneous Tasks</h2> <ul> <li><strong>deps:</strong> Update dependency typescript to v5.4.3 (<a href="https://github.com/tj-actions/changed-files/commit/20576b4b9ed46d41e2d45a2256e5e2316dde6834">20576b4</a>) - (renovate[bot])</li> <li>Update inputs.ts adding comment about fetch_depth (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2000">#2000</a>) (<a href="https://github.com/tj-actions/changed-files/commit/02768050b13fdd81ec63a329d99c63c70c0498d5">0276805</a>) - (Tonye Jack)</li> <li><strong>deps:</strong> Update dependency <code>@types/node</code> to v20.11.30 (<a href="https://github.com/tj-actions/changed-files/commit/427adf47f0f2cc0562d8ed340e6ada019719e4ed">427adf4</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Update dependency <code>@typescript-eslint/eslint-plugin</code> to v7.3.1 (<a href="https://github.com/tj-actions/changed-files/commit/aa0b62a2d0821235d320c725d8a3ac5eaa3d227a">aa0b62a</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Update dependency <code>@types/node</code> to v20.11.29 (<a href="https://github.com/tj-actions/changed-files/commit/38903688b4f76a85d37c033f85de20dc15cae06f">3890368</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Update typescript-eslint monorepo to v7.3.0 (<a href="https://github.com/tj-actions/changed-files/commit/98a74d2cd69797eb746b5f87fc277dd48b6fecb7">98a74d2</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Lock file maintenance (<a href="https://github.com/tj-actions/changed-files/commit/068000d9c6712e4e03b15f450774548890556fc7">068000d</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Update dependency <code>@types/node</code> to v20.11.28 (<a href="https://github.com/tj-actions/changed-files/commit/490ac3999ea698495f8c32c2936450b9db118b2d">490ac39</a>) - (renovate[bot])</li> </ul> <h2>⬆️ Upgrades</h2> <ul> <li>Upgraded to v43 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/1990">#1990</a>)</li> </ul> <p>Co-authored-by: jackton1 <a href="mailto:17484350+jackton1@users.noreply.github.com">17484350+jackton1@users.noreply.github.com</a> (<a href="https://github.com/tj-actions/changed-files/commit/d03038e4e418521b091b356b50cff5d7be177c78">d03038e</a>) - (tj-actions[bot])</p> <h1><a href="https://github.com/tj-actions/changed-files/compare/v42.1.0...v43.0.0">43.0.0</a> - (2024-03-13)</h1> <h2>🚀 Features</h2> <ul> <li>Add support for returning true for <code>any_{changed, modified, deleted}</code> outputs when no patterns are specified (<a href="https://redirect.github.com/tj-actions/changed-files/issues/1988">#1988</a>) (<a href="https://github.com/tj-actions/changed-files/commit/a5cf6aa30cfbe1e0764d2aa5e9f42edb847b6d55">a5cf6aa</a>) - (Tonye Jack)</li> </ul> <h2>🔄 Update</h2> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/1989">#1989</a>)</li> </ul> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tj-actions/changed-files/commit/20576b4b9ed46d41e2d45a2256e5e2316dde6834"><code>20576b4</code></a> chore(deps): update dependency typescript to v5.4.3</li> <li><a href="https://github.com/tj-actions/changed-files/commit/077b23f6a68d9322b1b4ed4d0c88791b30b314d8"><code>077b23f</code></a> fix: remove warning with detecting the local git repository when using Github...</li> <li><a href="https://github.com/tj-actions/changed-files/commit/02768050b13fdd81ec63a329d99c63c70c0498d5"><code>0276805</code></a> chore: update inputs.ts adding comment about fetch_depth (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2000">#2000</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/427adf47f0f2cc0562d8ed340e6ada019719e4ed"><code>427adf4</code></a> chore(deps): update dependency <code>@types/node</code> to v20.11.30</li> <li><a href="https://github.com/tj-actions/changed-files/commit/5c6aa4947834d6dd7af1de76ed0e000a8cbc0964"><code>5c6aa49</code></a> Bump <code>@typescript-eslint/eslint-plugin</code> from 7.3.0 to 7.3.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/1995">#1995</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/aa0b62a2d0821235d320c725d8a3ac5eaa3d227a"><code>aa0b62a</code></a> chore(deps): update dependency <code>@typescript-eslint/eslint-plugin</code> to v7.3.1</li> <li><a href="https://github.com/tj-actions/changed-files/commit/0320702dd5d94814f6c31f81f51dda71ff2d2afc"><code>0320702</code></a> Bump <code>@typescript-eslint/parser</code> from 7.3.0 to 7.3.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/1996">#1996</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/38903688b4f76a85d37c033f85de20dc15cae06f"><code>3890368</code></a> chore(deps): update dependency <code>@types/node</code> to v20.11.29</li> <li><a href="https://github.com/tj-actions/changed-files/commit/98a74d2cd69797eb746b5f87fc277dd48b6fecb7"><code>98a74d2</code></a> chore(deps): update typescript-eslint monorepo to v7.3.0</li> <li><a href="https://github.com/tj-actions/changed-files/commit/068000d9c6712e4e03b15f450774548890556fc7"><code>068000d</code></a> chore(deps): lock file maintenance</li> <li>Additional commits viewable in <a href="https://github.com/tj-actions/changed-files/compare/77af4bed286740ef1a6387dc4e4e4dec39f96054...20576b4b9ed46d41e2d45a2256e5e2316dde6834">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
Updates the L1 CloudFormation resource definitions with the latest changes from `@aws-cdk/aws-service-spec` **L1 CloudFormation resource definition changes:** ``` ├[~] service aws-appintegrations │ └ resources │ └[~] resource AWS::AppIntegrations::Application │ └ attributes │ ├ ApplicationArn: (documentation changed) │ └ Id: (documentation changed) ├[~] service aws-codeartifact │ └ resources │ ├[~] resource AWS::CodeArtifact::PackageGroup │ │ ├ - documentation: The resource schema to create a CodeArtifact package group. │ │ │ + documentation: Creates a package group. For more information about creating package groups, including example CLI commands, see [Create a package group](https://docs.aws.amazon.com/codeartifact/latest/ug/create-package-group.html) in the *CodeArtifact User Guide* . │ │ ├ properties │ │ │ ├ ContactInfo: (documentation changed) │ │ │ ├ Description: (documentation changed) │ │ │ ├ DomainName: (documentation changed) │ │ │ ├ DomainOwner: (documentation changed) │ │ │ ├ OriginConfiguration: (documentation changed) │ │ │ ├ Pattern: (documentation changed) │ │ │ └ Tags: (documentation changed) │ │ ├ attributes │ │ │ └ Arn: (documentation changed) │ │ └ types │ │ ├[~] type OriginConfiguration │ │ │ ├ - documentation: undefined │ │ │ │ + documentation: The package group origin configuration that determines how package versions can enter repositories. │ │ │ └ properties │ │ │ └ Restrictions: (documentation changed) │ │ ├[~] type Restrictions │ │ │ ├ - documentation: undefined │ │ │ │ + documentation: Contains information about the configured restrictions of the origin controls of a package group. │ │ │ └ properties │ │ │ ├ ExternalUpstream: (documentation changed) │ │ │ ├ InternalUpstream: (documentation changed) │ │ │ └ Publish: (documentation changed) │ │ └[~] type RestrictionType │ │ ├ - documentation: undefined │ │ │ + documentation: The `RestrictionType` property type specifies the package group origin configuration restriction mode, and the repositories when the `RestrictionMode` is set to `ALLOW_SPECIFIC_REPOSITORIES` . │ │ └ properties │ │ ├ Repositories: (documentation changed) │ │ └ RestrictionMode: (documentation changed) │ └[~] resource AWS::CodeArtifact::Repository │ └ properties │ └ ExternalConnections: (documentation changed) ├[~] service aws-connect │ └ resources │ └[~] resource AWS::Connect::SecurityProfile │ └ types │ └[~] type Application │ ├ - documentation: A third-party application's metadata. │ │ + documentation: This API is in preview release for Amazon Connect and is subject to change. │ │ A third-party application's metadata. │ └ properties │ └ ApplicationPermissions: (documentation changed) ├[~] service aws-dms │ └ resources │ └[~] resource AWS::DMS::DataProvider │ └ types │ └[~] type PostgreSqlSettings │ ├ - documentation: undefined │ │ + documentation: Provides information that defines a PostgreSQL endpoint. │ └ properties │ ├ DatabaseName: (documentation changed) │ ├ Port: (documentation changed) │ └ ServerName: (documentation changed) ├[~] service aws-glue │ └ resources │ └[~] resource AWS::Glue::Crawler │ ├ properties │ │ └[+] LakeFormationConfiguration: LakeFormationConfiguration │ └ types │ └[+] type LakeFormationConfiguration │ ├ name: LakeFormationConfiguration │ └ properties │ ├UseLakeFormationCredentials: boolean │ └AccountId: string ├[~] service aws-securityhub │ └ resources │ └[~] resource AWS::SecurityHub::Insight │ ├ - documentation: The AWS::SecurityHub::Insight resource represents the AWS Security Hub Insight in your account. An AWS Security Hub insight is a collection of related findings. │ │ + documentation: Creates a custom insight in Security Hub. An insight is a consolidation of findings that relate to a security issue that requires attention or remediation. │ │ To group the related findings in the insight, use the `GroupByAttribute` . │ ├ properties │ │ ├ Filters: (documentation changed) │ │ ├ GroupByAttribute: (documentation changed) │ │ └ Name: (documentation changed) │ ├ attributes │ │ └ InsightArn: (documentation changed) │ └ types │ ├[~] type AwsSecurityFindingFilters │ │ ├ - documentation: A collection of filters that are applied to all active findings aggregated by AWS Security Hub. │ │ │ + documentation: A collection of filters that are applied to all active findings aggregated by AWS Security Hub . │ │ │ You can filter by up to ten finding attributes. For each attribute, you can provide up to 20 filter values. │ │ └ properties │ │ ├ ComplianceAssociatedStandardsId: (documentation changed) │ │ ├ ComplianceSecurityControlId: (documentation changed) │ │ ├ ComplianceStatus: (documentation changed) │ │ ├ FindingProviderFieldsTypes: (documentation changed) │ │ ├ GeneratorId: (documentation changed) │ │ ├ ProductFields: (documentation changed) │ │ ├ Type: (documentation changed) │ │ ├ UserDefinedFields: (documentation changed) │ │ ├ VulnerabilitiesExploitAvailable: (documentation changed) │ │ ├ VulnerabilitiesFixAvailable: (documentation changed) │ │ ├ WorkflowState: (documentation changed) │ │ └ WorkflowStatus: (documentation changed) │ ├[~] type IpFilter │ │ └ properties │ │ └ Cidr: (documentation changed) │ ├[~] type MapFilter │ │ ├ - documentation: A map filter for filtering AWS Security Hub findings. │ │ │ + documentation: A map filter for filtering AWS Security Hub findings. Each map filter provides the field to check for, the value to check for, and the comparison operator. │ │ └ properties │ │ ├ Comparison: (documentation changed) │ │ ├ Key: (documentation changed) │ │ └ Value: (documentation changed) │ └[~] type StringFilter │ └ properties │ ├ Comparison: (documentation changed) │ └ Value: (documentation changed) └[~] service aws-wafv2 └ resources ├[~] resource AWS::WAFv2::RuleGroup │ └ types │ ├[~] type Body │ │ └ properties │ │ └ OversizeHandling: (documentation changed) │ ├[~] type FieldToMatch │ │ └ properties │ │ ├ Body: (documentation changed) │ │ └ JsonBody: (documentation changed) │ └[~] type JsonBody │ └ properties │ └ OversizeHandling: (documentation changed) └[~] resource AWS::WAFv2::WebACL ├ properties │ └ AssociationConfig: (documentation changed) └ types ├[~] type AssociationConfig │ ├ - documentation: Specifies custom configurations for the associations between the web ACL and protected resources. │ │ Use this to customize the maximum size of the request body that your protected resources forward to AWS WAF for inspection. You can customize this setting for CloudFront. The default setting is 16 KB (16,384 bytes). │ │ > You are charged additional fees when your protected resources forward body sizes that are larger than the default. For more information, see [AWS WAF Pricing](https://docs.aws.amazon.com/waf/pricing/) . │ │ For regional resources, the limit is fixed at 8 KB (8,192 bytes). │ │ + documentation: Specifies custom configurations for the associations between the web ACL and protected resources. │ │ Use this to customize the maximum size of the request body that your protected resources forward to AWS WAF for inspection. You can customize this setting for CloudFront, API Gateway, Amazon Cognito, App Runner, or Verified Access resources. The default setting is 16 KB (16,384 bytes). │ │ > You are charged additional fees when your protected resources forward body sizes that are larger than the default. For more information, see [AWS WAF Pricing](https://docs.aws.amazon.com/waf/pricing/) . │ │ For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes). │ └ properties │ └ RequestBody: (documentation changed) ├[~] type Body │ └ properties │ └ OversizeHandling: (documentation changed) ├[~] type FieldToMatch │ └ properties │ ├ Body: (documentation changed) │ └ JsonBody: (documentation changed) ├[~] type JsonBody │ └ properties │ └ OversizeHandling: (documentation changed) └[~] type RequestBodyAssociatedResourceTypeConfig └ - documentation: Customizes the maximum size of the request body that your protected CloudFront resources forward to AWS WAF for inspection. The default size is 16 KB (16,384 bytes). > You are charged additional fees when your protected resources forward body sizes that are larger than the default. For more information, see [AWS WAF Pricing](https://docs.aws.amazon.com/waf/pricing/) . Example JSON: `{ "API_GATEWAY": "KB_48", "APP_RUNNER_SERVICE": "KB_32" }` For regional resources, the limit is fixed at 8 KB (8,192 bytes). This is used in the `AssociationConfig` of the web ACL. + documentation: Customizes the maximum size of the request body that your protected CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access resources forward to AWS WAF for inspection. The default size is 16 KB (16,384 bytes). You can change the setting for any of the available resource types. > You are charged additional fees when your protected resources forward body sizes that are larger than the default. For more information, see [AWS WAF Pricing](https://docs.aws.amazon.com/waf/pricing/) . Example JSON: `{ "API_GATEWAY": "KB_48", "APP_RUNNER_SERVICE": "KB_32" }` For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes). This is used in the `AssociationConfig` of the web ACL. ```
Updates the L1 CloudFormation resource definitions with the latest changes from `@aws-cdk/aws-service-spec`
**L1 CloudFormation resource definition changes:**
```
├[~] service aws-cloudwatch
│ └ resources
│ └[~] resource AWS::CloudWatch::AnomalyDetector
│ └ types
│ └[~] type SingleMetricAnomalyDetector
│ └ properties
│ └[+] AccountId: string
├[~] service aws-docdbelastic
│ └ resources
│ └[~] resource AWS::DocDBElastic::Cluster
│ └ properties
│ ├[+] BackupRetentionPeriod: integer
│ ├[+] PreferredBackupWindow: string
│ └[+] ShardInstanceCount: integer
├[~] service aws-elasticache
│ └ resources
│ └[~] resource AWS::ElastiCache::ParameterGroup
│ └ attributes
│ └[-] CacheParameterGroupName: string
├[~] service aws-entityresolution
│ └ resources
│ └[~] resource AWS::EntityResolution::IdMappingWorkflow
│ ├ properties
│ │ └ OutputSourceConfig: - Array<IdMappingWorkflowOutputSource> (required)
│ │ + Array<IdMappingWorkflowOutputSource>
│ └ types
│ └[~] type IdMappingWorkflowInputSource
│ └ properties
│ ├ SchemaArn: - string (required)
│ │ + string
│ └[+] Type: string
├[~] service aws-iam
│ └ resources
│ └[~] resource AWS::IAM::ManagedPolicy
│ └ properties
│ └ Path: - string (immutable)
│ + string (default="/", immutable)
└[~] service aws-securityhub
└ resources
├[-] resource AWS::SecurityHub::DelegatedAdmin
│ ├ name: DelegatedAdmin
│ │ cloudFormationType: AWS::SecurityHub::DelegatedAdmin
│ │ documentation: The AWS::SecurityHub::DelegatedAdmin resource represents the AWS Security Hub delegated admin account in your organization. One delegated admin resource is allowed to create for the organization in each region in which you configure the AdminAccountId.
│ ├ properties
│ │ └AdminAccountId: string (required, immutable)
│ └ attributes
│ ├DelegatedAdminIdentifier: string
│ └Status: string
├[-] resource AWS::SecurityHub::Insight
│ ├ name: Insight
│ │ cloudFormationType: AWS::SecurityHub::Insight
│ │ documentation: Creates a custom insight in Security Hub. An insight is a consolidation of findings that relate to a security issue that requires attention or remediation.
│ │ To group the related findings in the insight, use the `GroupByAttribute` .
│ ├ properties
│ │ ├Name: string (required)
│ │ ├Filters: AwsSecurityFindingFilters (required)
│ │ └GroupByAttribute: string (required)
│ ├ attributes
│ │ └InsightArn: string
│ └ types
│ ├type AwsSecurityFindingFilters
│ │├ documentation: A collection of filters that are applied to all active findings aggregated by AWS Security Hub .
│ ││ You can filter by up to ten finding attributes. For each attribute, you can provide up to 20 filter values.
│ ││ name: AwsSecurityFindingFilters
│ │└ properties
│ │ ├ProductArn: Array<StringFilter>
│ │ ├AwsAccountId: Array<StringFilter>
│ │ ├AwsAccountName: Array<StringFilter>
│ │ ├Id: Array<StringFilter>
│ │ ├GeneratorId: Array<StringFilter>
│ │ ├Type: Array<StringFilter>
│ │ ├Region: Array<StringFilter>
│ │ ├SeverityLabel: Array<StringFilter>
│ │ ├Title: Array<StringFilter>
│ │ ├Description: Array<StringFilter>
│ │ ├RecommendationText: Array<StringFilter>
│ │ ├SourceUrl: Array<StringFilter>
│ │ ├ProductFields: Array<MapFilter>
│ │ ├ProductName: Array<StringFilter>
│ │ ├CompanyName: Array<StringFilter>
│ │ ├UserDefinedFields: Array<MapFilter>
│ │ ├MalwareName: Array<StringFilter>
│ │ ├MalwareType: Array<StringFilter>
│ │ ├MalwarePath: Array<StringFilter>
│ │ ├MalwareState: Array<StringFilter>
│ │ ├NetworkDirection: Array<StringFilter>
│ │ ├NetworkProtocol: Array<StringFilter>
│ │ ├NetworkSourceIpV4: Array<IpFilter>
│ │ ├NetworkSourceIpV6: Array<IpFilter>
│ │ ├NetworkSourceDomain: Array<StringFilter>
│ │ ├NetworkSourceMac: Array<StringFilter>
│ │ ├NetworkDestinationIpV4: Array<IpFilter>
│ │ ├NetworkDestinationIpV6: Array<IpFilter>
│ │ ├NetworkDestinationDomain: Array<StringFilter>
│ │ ├ProcessName: Array<StringFilter>
│ │ ├ProcessPath: Array<StringFilter>
│ │ ├ThreatIntelIndicatorType: Array<StringFilter>
│ │ ├ThreatIntelIndicatorValue: Array<StringFilter>
│ │ ├ThreatIntelIndicatorCategory: Array<StringFilter>
│ │ ├ThreatIntelIndicatorSource: Array<StringFilter>
│ │ ├ThreatIntelIndicatorSourceUrl: Array<StringFilter>
│ │ ├ResourceType: Array<StringFilter>
│ │ ├ResourceId: Array<StringFilter>
│ │ ├ResourcePartition: Array<StringFilter>
│ │ ├ResourceRegion: Array<StringFilter>
│ │ ├ResourceTags: Array<MapFilter>
│ │ ├ResourceAwsEc2InstanceType: Array<StringFilter>
│ │ ├ResourceAwsEc2InstanceImageId: Array<StringFilter>
│ │ ├ResourceAwsEc2InstanceIpV4Addresses: Array<IpFilter>
│ │ ├ResourceAwsEc2InstanceIpV6Addresses: Array<IpFilter>
│ │ ├ResourceAwsEc2InstanceKeyName: Array<StringFilter>
│ │ ├ResourceAwsEc2InstanceIamInstanceProfileArn: Array<StringFilter>
│ │ ├ResourceAwsEc2InstanceVpcId: Array<StringFilter>
│ │ ├ResourceAwsEc2InstanceSubnetId: Array<StringFilter>
│ │ ├ResourceAwsS3BucketOwnerId: Array<StringFilter>
│ │ ├ResourceAwsS3BucketOwnerName: Array<StringFilter>
│ │ ├ResourceAwsIamAccessKeyStatus: Array<StringFilter>
│ │ ├ResourceContainerName: Array<StringFilter>
│ │ ├ResourceContainerImageId: Array<StringFilter>
│ │ ├ResourceContainerImageName: Array<StringFilter>
│ │ ├ResourceDetailsOther: Array<MapFilter>
│ │ ├ComplianceStatus: Array<StringFilter>
│ │ ├VerificationState: Array<StringFilter>
│ │ ├WorkflowState: Array<StringFilter>
│ │ ├WorkflowStatus: Array<StringFilter>
│ │ ├RecordState: Array<StringFilter>
│ │ ├RelatedFindingsProductArn: Array<StringFilter>
│ │ ├RelatedFindingsId: Array<StringFilter>
│ │ ├ResourceApplicationArn: Array<StringFilter>
│ │ ├ResourceApplicationName: Array<StringFilter>
│ │ ├NoteText: Array<StringFilter>
│ │ ├NoteUpdatedBy: Array<StringFilter>
│ │ ├Sample: Array<BooleanFilter>
│ │ ├ComplianceAssociatedStandardsId: Array<StringFilter>
│ │ ├ComplianceSecurityControlId: Array<StringFilter>
│ │ ├ComplianceSecurityControlParametersName: Array<StringFilter>
│ │ ├ComplianceSecurityControlParametersValue: Array<StringFilter>
│ │ ├FindingProviderFieldsRelatedFindingsId: Array<StringFilter>
│ │ ├FindingProviderFieldsRelatedFindingsProductArn: Array<StringFilter>
│ │ ├FindingProviderFieldsSeverityLabel: Array<StringFilter>
│ │ ├FindingProviderFieldsSeverityOriginal: Array<StringFilter>
│ │ ├FindingProviderFieldsTypes: Array<StringFilter>
│ │ ├ResourceAwsIamAccessKeyPrincipalName: Array<StringFilter>
│ │ ├ResourceAwsIamUserUserName: Array<StringFilter>
│ │ ├VulnerabilitiesExploitAvailable: Array<StringFilter>
│ │ └VulnerabilitiesFixAvailable: Array<StringFilter>
│ ├type StringFilter
│ │├ documentation: A string filter for filtering AWS Security Hub findings.
│ ││ name: StringFilter
│ │└ properties
│ │ ├Comparison: string (required)
│ │ └Value: string (required)
│ ├type MapFilter
│ │├ documentation: A map filter for filtering AWS Security Hub findings. Each map filter provides the field to check for, the value to check for, and the comparison operator.
│ ││ name: MapFilter
│ │└ properties
│ │ ├Comparison: string (required)
│ │ ├Key: string (required)
│ │ └Value: string (required)
│ ├type IpFilter
│ │├ documentation: The IP filter for querying findings.
│ ││ name: IpFilter
│ │└ properties
│ │ └Cidr: string
│ └type BooleanFilter
│ ├ documentation: Boolean filter for querying findings.
│ │ name: BooleanFilter
│ └ properties
│ └Value: boolean (required)
└[-] resource AWS::SecurityHub::ProductSubscription
├ name: ProductSubscription
│ cloudFormationType: AWS::SecurityHub::ProductSubscription
│ documentation: The AWS::SecurityHub::ProductSubscription resource represents a subscription to a service that is allowed to generate findings for your Security Hub account. One product subscription resource is created for each product enabled.
├ properties
│ └ProductArn: string (required, immutable)
└ attributes
└ProductSubscriptionArn: string
```
…9577) Reverts #27921 Failing in the test pipeline on [this test](https://github.com/aws/aws-cdk/blob/07ce8ecc42782475d099b89944571375341c28d3/packages/%40aws-cdk-testing/cli-integ/tests/cli-integ-tests/cli.integtest.ts#L190) where it was not erroring out as it should have. [The error here](https://github.com/aws/aws-cdk/blob/07ce8ecc42782475d099b89944571375341c28d3/packages/aws-cdk/lib/api/cxapp/cloud-executable.ts#L86) is not being thrown.
aws-cdk-automation
added
auto-approve
pr/no-squash
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
aws-cdk-automation
had a problem deploying
to
test-pipeline
GitHub Actions
Failure
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
|
Thank you for contributing! Your pull request will be automatically updated and merged without squashing (do not update manually, and be sure to allow changes to be pushed to your fork). |
This was referenced Apr 1, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
See CHANGELOG