chore(release): 2.165.0 #31966
Merged
chore(release): 2.165.0 #31966
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…get (#31872) ### Issue # (if applicable) None. ### Reason for this change Missing this test case. ### Description of changes Adding a unit test to verify `Schedule` works with Lambda Version and correct permissions are added. ### Description of how you validated changes Unit test. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
#31873) ### Issue # (if applicable) None ### Reason for this change Missing this test case. ### Description of changes Adding a unit test to verify `Schedule` works with Lambda Alias and correct permissions are added. ### Description of how you validated changes Unit test. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
### Issue # (if applicable) Internal reference: D166315367 ### Reason for this change In FIPS enabled environments, the MD5 algorithm is not available for use in crypto module. However by default the S3 client is using an MD5 checksum for content integrity checking. This causes any S3 upload operation to fail with a cryptography error. ### Description of changes We are disabling the S3 content checksums, and are re-enabling the regular SigV4 body signing. SigV4 uses SHA256 for their content checksum. This configuration matches the default behavior of the AWS SDKv3 and is a safe choice for all users. ### Description of how you validated changes For non-FIPS users, we have verified functionality via cli-integ-tests. For FIPS users, we have manually verified `cdk deploy` is now working in a FIPS enabled environment. We have also verified the configuration with the affected customer. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
### Issue # (if applicable) None. ### Reason for this change Improve ergonomics of the `LambdaInvoke` constructor signature. The second argument is not required so we should not force customers to pass in an empty object. ### Description of changes Make the `LambdaInvoke` `prop` argument default to empty object. ### Description of how you validated changes Unit test updated to omit the `prop` argument if no props are being passed. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Clean up our core aliases to reflect who is working on aws-cdk. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Ran npm-check-updates and yarn upgrade to keep the `yarn.lock` file up-to-date.
### Issue # (if applicable)
None
### Reason for this change
There are some interface VPC endpoints which is not supported by AWS CDK.
### Description of changes
Add three interface VPC endpoints
- WorkMail (com.amazonaws.region.workmail)
- AWS End User Messaging Social (com.amazonaws.region.social-messaging)
- AWS Price List (com.amazonaws.region.pricing.api)
### Description of how you validated changes
Execute AWS CLI:
```sh
❯ aws ec2 describe-vpc-endpoint-services --filters Name=service-type,Values=Interface Name=owner,Values=amazon --region us-east-1 --query ServiceNames | grep workmail
"com.amazonaws.us-east-1.workmail",
❯ aws ec2 describe-vpc-endpoint-services --filters Name=service-type,Values=Interface Name=owner,Values=amazon --region us-east-1 --query ServiceNames | grep social
"com.amazonaws.us-east-1.social-messaging",
❯ aws ec2 describe-vpc-endpoint-services --filters Name=service-type,Values=Interface Name=owner,Values=amazon --region us-east-1 --query ServiceNames | grep pricing
"com.amazonaws.us-east-1.pricing.api",
```
### Checklist
- [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)
----
*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…eation (#31818) ### Issue # (if applicable) Closes #31329. ### Reason for this change The timeout setting for the custom resource that executes the query is fixed at 1 minute, causing a timeout when attempting to run heavy operations. Detail example is describe in [the original issue](#31329 (comment)). ### Description of changes - Add timeout prop to `DatabaseQueryProps` and `TableProps` ### Description of how you validated changes Added both unit and integ tests. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
### Reason for this change Aurora MySQL version 1 for MySQL 5.6 is deprecated now. https://docs.aws.amazon.com/AmazonRDS/latest/AuroraMySQLReleaseNotes/AuroraMySQL.Updates.11Updates.html ### Description of changes Deprecated the version and no longer use the version in integ tests. ### Description of how you validated changes ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
What should happen is that the output of shell commands gets buffered, and only printed if the test running them fails. In practice, we see the output being printed directly. The buffering code is a bit confusing, and we don't exactly understand why it's not working. Try to simplify the code a bit and remove mutable variable manipulation, to address the above. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
### Issue # (if applicable) N/A ### Reason for this change The `InterfaceVpcEndpointAwsService` class was missing the AWS Price List service. ### Description of changes Added `InterfaceVpcEndpointAwsService.PRICING_API` to the enum, connected to the service `'pricing.api'` in accordance with [documentation](https://docs.aws.amazon.com/vpc/latest/privatelink/aws-services-privatelink-support.html). ### Description of how you validated changes Verified the extension via the documentation, and confirmed the endpoint exists in the console:  ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Calling this a feat because I believe technically we are updating the functionality of gc. Previously we were waiting for stacks in `REVIEW_IN_PROGRESS` to land, because that is the one CFN state that you cannot retrieve a template for (because it doesn't exist yet). However in environments where we are constantly deploying new stacks (like our test environments), we may never get to a state in the allotted time where no stacks are `REVIEW_IN_PROGRESS`. Instead, we are going to ignore `REVIEW_IN_PROGRESS` stacks. This will introduce a subtle race condition where a previously isolated asset becomes in-use by the `REVIEW_IN_PROGRESS` stack before it turns into a `CREATE_IN_PROGRESS` stack and we can reference its stack. If garbage collection happens to come across the isolated asset while the stack is `REVIEW_IN_PROGRESS` (aka before it is `CREATE_IN_PROGRESS` but after CDK has verified that the assets exist) we will garbage collect the asset. However, we don't expect this to become a big problem in practice. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Follow up to #31611 which introduced S3 Asset Garbage Collection ## ECR Asset Garbage Collection `cdk gc` now collects ECR assets. ```bash cdk gc aws://0123456789012/us-east-1 \ --unstable='gc' \ --type='ecr' ``` or ```bash cdk gc aws://0123456789012/us-east-1 \ --unstable='gc' \ --type='all' ``` all other options are duplicated from s3. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…dk/aws-lambda-python-alpha/test/lambda-handler-project/shared (#31890) Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.26.18 to 1.26.19. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/releases">urllib3's releases</a>.</em></p> <blockquote> <h2>1.26.19</h2> <h2>🚀 urllib3 is fundraising for HTTP/2 support</h2> <p><a href="https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support">urllib3 is raising ~$40,000 USD</a> to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support for 2023. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects <a href="https://opencollective.com/urllib3">please consider contributing financially</a> to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.</p> <p>Thank you for your support.</p> <h2>Changes</h2> <ul> <li>Added the <code>Proxy-Authorization</code> header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via <code>Retry.remove_headers_on_redirect</code>.</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/urllib3/urllib3/compare/1.26.18...1.26.19">https://github.com/urllib3/urllib3/compare/1.26.18...1.26.19</a></p> <p>Note that due to an issue with our release automation, no <code> multiple.intoto.jsonl</code> file is available for this release.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/blob/main/CHANGES.rst">urllib3's changelog</a>.</em></p> <blockquote> <h1>1.26.19 (2024-06-17)</h1> <ul> <li>Added the <code>Proxy-Authorization</code> header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via <code>Retry.remove_headers_on_redirect</code>.</li> <li>Fixed handling of OpenSSL 3.2.0 new error message for misconfiguring an HTTP proxy as HTTPS. (<code>[#3405](urllib3/urllib3#3405) <https://github.com/urllib3/urllib3/issues/3405></code>__)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/urllib3/urllib3/commit/d9d85c88aa644af56d5e129634e750ce76e1a765"><code>d9d85c8</code></a> Release 1.26.19</li> <li><a href="https://github.com/urllib3/urllib3/commit/8528b63b6fe5cfd7b21942cf988670de68fcd8c0"><code>8528b63</code></a> [1.26] Fix downstream tests (<a href="https://redirect.github.com/urllib3/urllib3/issues/3409">#3409</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/40b6d1605814dd1db0a46e202d6e56f2e4c9a468"><code>40b6d16</code></a> Merge pull request from GHSA-34jh-p97f-mpxf</li> <li><a href="https://github.com/urllib3/urllib3/commit/29cfd02f66376c61bd20f1725477925106321f68"><code>29cfd02</code></a> Fix handling of OpenSSL 3.2.0 new error message "record layer failure" (<a href="https://redirect.github.com/urllib3/urllib3/issues/3405">#3405</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/b60064388302f54a3455259ddab121618650a154"><code>b600643</code></a> [1.26] Bump RECENT_DATE (<a href="https://redirect.github.com/urllib3/urllib3/issues/3404">#3404</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/7e2d3890926d4788e219f63e2e36fbeb8714827f"><code>7e2d389</code></a> [1.26] Fix running CPython 2.7 tests in CI (<a href="https://redirect.github.com/urllib3/urllib3/issues/3137">#3137</a>)</li> <li>See full diff in <a href="https://github.com/urllib3/urllib3/compare/1.26.18...1.26.19">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/aws/aws-cdk/network/alerts). </details>
### Issue # (if applicable) Closes #31911. ### Reason for this change `InterfaceVpcEndpointAwsService('pricing.api')` enum duplicated. https://github.com/aws/aws-cdk/blob/main/packages/aws-cdk-lib/aws-ec2/lib/vpc-endpoint.ts#L518 https://github.com/aws/aws-cdk/blob/main/packages/aws-cdk-lib/aws-ec2/lib/vpc-endpoint.ts#L520 One side should be deleted. ### Description of changes Delete the enum that was added later. ### Description of how you validated changes nothing because only enum changed ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Updates the L1 CloudFormation resource definitions with the latest changes from `@aws-cdk/aws-service-spec`
**L1 CloudFormation resource definition changes:**
```
├[~] service aws-appsync
│ └ resources
│ └[~] resource AWS::AppSync::GraphQLApi
│ ├ properties
│ │ └ EnvironmentVariables: - json
│ │ + json ⇐ Map<string, string>
│ ├ attributes
│ │ └ Id: (documentation changed)
│ └ types
│ └[~] type LambdaAuthorizerConfig
│ └ properties
│ └ AuthorizerResultTtlInSeconds: - number
│ + integer ⇐ number
├[~] service aws-autoscaling
│ └ resources
│ └[~] resource AWS::AutoScaling::AutoScalingGroup
│ ├ properties
│ │ ├[+] AvailabilityZoneDistribution: AvailabilityZoneDistribution
│ │ └ TrafficSources: (documentation changed)
│ └ types
│ ├[+] type AvailabilityZoneDistribution
│ │ ├ name: AvailabilityZoneDistribution
│ │ └ properties
│ │ └CapacityDistributionStrategy: string
│ └[~] type TrafficSourceIdentifier
│ ├ - documentation: undefined
│ │ + documentation: Identifying information for a traffic source.
│ └ properties
│ ├ Identifier: (documentation changed)
│ └ Type: (documentation changed)
├[~] service aws-backup
│ └ resources
│ └[+] resource AWS::Backup::LogicallyAirGappedBackupVault
│ ├ name: LogicallyAirGappedBackupVault
│ │ cloudFormationType: AWS::Backup::LogicallyAirGappedBackupVault
│ │ documentation: Creates a logical container to where backups may be copied.
│ │ This request includes a name, the Region, the maximum number of retention days, the minimum number of retention days, and optionally can include tags and a creator request ID.
│ │ > Do not include sensitive data, such as passport numbers, in the name of a backup vault.
│ │ tagInformation: {"tagPropertyName":"BackupVaultTags","variant":"map"}
│ ├ properties
│ │ ├AccessPolicy: json | string
│ │ ├BackupVaultName: string (required, immutable)
│ │ ├MinRetentionDays: integer (required, immutable)
│ │ ├MaxRetentionDays: integer (required, immutable)
│ │ ├BackupVaultTags: Map<string, string>
│ │ ├Notifications: NotificationObjectType
│ │ ├VaultState: string
│ │ └VaultType: string
│ ├ attributes
│ │ ├BackupVaultArn: string
│ │ └EncryptionKeyArn: string
│ └ types
│ └type NotificationObjectType
│ ├ name: NotificationObjectType
│ └ properties
│ ├BackupVaultEvents: Array<string> (required)
│ └SNSTopicArn: string (required)
├[~] service aws-bedrock
│ └ resources
│ ├[~] resource AWS::Bedrock::Flow
│ │ └ types
│ │ └[~] type PromptModelInferenceConfiguration
│ │ └ properties
│ │ └ TopK: (documentation changed)
│ ├[~] resource AWS::Bedrock::FlowVersion
│ │ └ types
│ │ └[~] type PromptModelInferenceConfiguration
│ │ └ properties
│ │ └ TopK: (documentation changed)
│ ├[~] resource AWS::Bedrock::Prompt
│ │ └ types
│ │ └[~] type PromptModelInferenceConfiguration
│ │ └ properties
│ │ └ TopK: (documentation changed)
│ └[~] resource AWS::Bedrock::PromptVersion
│ └ types
│ └[~] type PromptModelInferenceConfiguration
│ └ properties
│ └ TopK: (documentation changed)
├[~] service aws-cognito
│ └ resources
│ └[~] resource AWS::Cognito::UserPoolIdentityProvider
│ ├ properties
│ │ ├ AttributeMapping: - json
│ │ │ + Map<string, string> ⇐ json
│ │ └ ProviderDetails: - json
│ │ + Map<string, string> ⇐ json (required)
│ └ attributes
│ └ Id: (documentation changed)
├[~] service aws-ec2
│ └ resources
│ ├[~] resource AWS::EC2::CapacityReservation
│ │ └ properties
│ │ └ UnusedReservationBillingOwnerId: (documentation changed)
│ └[~] resource AWS::EC2::EIP
│ └ properties
│ ├[+] Address: string (immutable)
│ └[+] IpamPoolId: string (immutable)
├[~] service aws-eks
│ └ resources
│ └[~] resource AWS::EKS::Cluster
│ ├ properties
│ │ ├ Name: (documentation changed)
│ │ └ ZonalShiftConfig: (documentation changed)
│ └ types
│ └[~] type ZonalShiftConfig
│ ├ - documentation: The current zonal shift configuration to use for the cluster.
│ │ + documentation: The configuration for zonal shift for the cluster.
│ └ properties
│ └ Enabled: (documentation changed)
├[~] service aws-elasticache
│ └ resources
│ ├[~] resource AWS::ElastiCache::CacheCluster
│ │ └ properties
│ │ └ Engine: (documentation changed)
│ ├[~] resource AWS::ElastiCache::GlobalReplicationGroup
│ │ └ properties
│ │ └[+] Engine: string
│ └[~] resource AWS::ElastiCache::ReplicationGroup
│ └ properties
│ └ Engine: (documentation changed)
├[~] service aws-imagebuilder
│ └ resources
│ └[~] resource AWS::ImageBuilder::InfrastructureConfiguration
│ ├ properties
│ │ └[+] Placement: Placement
│ └ types
│ └[+] type Placement
│ ├ documentation: By default, EC2 instances run on shared tenancy hardware. This means that multiple AWS accounts might share the same physical hardware. When you use dedicated hardware, the physical server that hosts your instances is dedicated to your AWS account . Instance placement settings contain the details for the physical hardware where instances that Image Builder launches during image creation will run.
│ │ name: Placement
│ └ properties
│ ├AvailabilityZone: string
│ ├Tenancy: string
│ ├HostId: string
│ └HostResourceGroupArn: string
├[~] service aws-iot
│ └ resources
│ ├[~] resource AWS::IoT::DomainConfiguration
│ │ ├ properties
│ │ │ ├ ApplicationProtocol: (documentation changed)
│ │ │ ├ AuthenticationType: (documentation changed)
│ │ │ └ ClientCertificateConfig: (documentation changed)
│ │ └ types
│ │ └[~] type ClientCertificateConfig
│ │ ├ - documentation: An object that specifies the client certificate configuration for a domain.
│ │ │ > This property isn't available in China.
│ │ │ + documentation: An object that specifies the client certificate configuration for a domain.
│ │ └ properties
│ │ └ ClientCertificateCallbackArn: (documentation changed)
│ └[~] resource AWS::IoT::SoftwarePackageVersion
│ └ properties
│ ├ Attributes: (documentation changed)
│ ├ Description: (documentation changed)
│ ├ PackageName: (documentation changed)
│ ├ Tags: (documentation changed)
│ └ VersionName: (documentation changed)
├[~] service aws-iotwireless
│ └ resources
│ └[~] resource AWS::IoTWireless::WirelessDeviceImportTask
│ └ types
│ └[~] type Sidewalk
│ └ properties
│ └ Role: (documentation changed)
├[~] service aws-memorydb
│ └ resources
│ └[~] resource AWS::MemoryDB::Cluster
│ └ properties
│ └[+] Engine: string
├[~] service aws-qbusiness
│ └ resources
│ ├[~] resource AWS::QBusiness::DataSource
│ │ └ properties
│ │ └ Configuration: (documentation changed)
│ └[~] resource AWS::QBusiness::WebExperience
│ └ properties
│ └ Origins: (documentation changed)
├[~] service aws-redshift
│ └ resources
│ └[~] resource AWS::Redshift::Integration
│ ├ - documentation: Integration from a source AWS service to a Redshift cluster
│ │ + documentation: Describes a zero-ETL integration.
│ └ properties
│ ├ AdditionalEncryptionContext: (documentation changed)
│ ├ KMSKeyId: (documentation changed)
│ ├ SourceArn: (documentation changed)
│ ├ Tags: (documentation changed)
│ └ TargetArn: (documentation changed)
├[~] service aws-refactorspaces
│ └ resources
│ └[~] resource AWS::RefactorSpaces::Environment
│ └ properties
│ ├ Name: - string (required, immutable)
│ │ + string (immutable)
│ └ NetworkFabricType: - string (required, immutable)
│ + string (immutable)
├[~] service aws-resiliencehub
│ └ resources
│ └[~] resource AWS::ResilienceHub::ResiliencyPolicy
│ └ properties
│ └ PolicyDescription: (documentation changed)
├[~] service aws-route53
│ └ resources
│ └[~] resource AWS::Route53::RecordSet
│ └ types
│ └[~] type AliasTarget
│ └ properties
│ └ EvaluateTargetHealth: - boolean
│ + boolean (default=false)
└[~] service aws-sagemaker
└ resources
├[~] resource AWS::SageMaker::Domain
│ ├ properties
│ │ └[+] TagPropagation: string
│ └ types
│ └[~] type DomainSettings
│ └ properties
│ └[+] ExecutionRoleIdentityConfig: string
└[~] resource AWS::SageMaker::Endpoint
└ attributes
└[+] EndpointArn: string
```
Currently, the generated C# code doesn't compile with this error: ``` error CS0115: 'VpcV2Base._Proxy.Ipv4IpamProvisionedCidrs': no suitable method found to override ``` The reason is that the abstract base class that implements an interface doesn't have an abstract field for that interface. Then when a subclass does implement it, it gets rendered to an `override` in C#, but there is no method to override. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
CDK assets in the bootstrap bucket are content-addressed and immutable so we never naturally create noncurrent versions. However, with the introduction of the `cdk gc` command, we now have the capacity to delete unused objects in the bucket. Because the bucket is versioned by default, the delete command [actually](https://docs.aws.amazon.com/AmazonS3/latest/userguide/DeletingObjectVersions.html) just replaces the object with a new dummy version (thus the deleted object becomes noncurrent). Now that noncurrent objects _can_ happen, if one utilizes `cdk gc`, we are updating the bootstrap template to retain them for 30 days rather than 365 days. Update to bootstrap version 24 to use this new lifecycle policy in conjunction with `cdk gc`. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
### Issue # (if applicable) Closes #22850. ### Reason for this change To support VPC Ingress Connection for making App Runner Service private and only accessible from within a VPC. ### Description of changes * Add `isPubliclyAccessible` property to the `Service` class * Add `VpcIngressConnection` class ### Description of how you validated changes Add unit tests and integ tests ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Add SageMaker pipeline as a Pipes target.
…31951) because somehow I wrote `continue` instead of `break` in that instance... added a test to make sure. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…eveloper preview (#31952) ### Description of changes Set maturity for `aws-kinesisfirehose-alpha` and `aws-kinesisfirehose-destinations-alpha` module to `developer-preview`. Note: These two modules will be combined when officially stabilized into the `aws-cdk-lib/aws-kinesisfirehose` module which will be RENAMED to `aws-firehose`. ### Checklist - [s] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…ipt init templates (#31953) This reverts #31927 There are some TypeScript init tests failed. Revert the change for now so that it doesn't block the release. Will investigate why those test failed. ### Issue # (if applicable) Closes #<issue number here>. ### Reason for this change ### Description of changes ### Description of how you validated changes ### Checklist - [ ] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…1960) In our integ tests, we were testing TypeScript versions from 3.9 up to the latest version, which recently broke because of a change to modernize the init templates. We should up this range to a recent version; the common support lifetime of a TypeScript version is the one on `DefinitelyTyped`, the types registry for TypeScript packages. They only target TS versions less than 2 years old, which at the time of this PR is 4.9 and higher. Encode that policy into code automatically, so that we don't have to manually keep this minimum version up-to-date. This currently ages out the following versions: ``` ✕ typescript 3.9 init app ✕ typescript 4.0 init app ✕ typescript 4.1 init app ✕ typescript 4.2 init app ✕ typescript 4.3 init app ✕ typescript 4.4 init app ✕ typescript 4.5 init app ✕ typescript 4.6 init app ✕ typescript 4.7 init app ✕ typescript 4.8 init app ------------------------------8< cut line ----- ✕ typescript 4.9 init app ✓ typescript 5.0 init app ✓ typescript 5.1 init app ✓ typescript 5.2 init app ✓ typescript 5.3 init app ✓ typescript 5.4 init app ✓ typescript 5.5 init app ✓ typescript 5.6 init app ``` Unfortunately not enough to save the TypeScript template modernization change entirely... but at least it's an improvement. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…7 days (#31956) Closes #29045 ### Reason for this change AWS Trusted Advisor rolled out the S3 Incomplete Multipart Upload Abort Configuration check to help users manage costs associated with Amazon S3 storage ### Description of changes Added a new lifecycle rule to the bucket and incremented the bootstrap version to 24. ### Description of how you validated changes N/a ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
### Issue # (if applicable) Closes #21026. ### Reason for this change To support UserPool Group L2 Construct. ### Description of changes Add `UserPoolGroup` class. ### Description of how you validated changes Add unit tests and integ tests. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
### Issue # (if applicable) Closes #29384 ### Reason for this change To support Amazon API Gateway enrichment for EventBridge pipes. ### Description of changes Add `ApiGatewayEnrichment` construct. ### Description of how you validated changes Add unit tests and integ test. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
aws-cdk-automation
added
auto-approve
pr/no-squash
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
aws-cdk-automation
had a problem deploying
to
test-pipeline
GitHub Actions
Failure
moelasmar
had a problem deploying
to
test-pipeline
GitHub Actions
Failure
moelasmar
had a problem deploying
to
test-pipeline
GitHub Actions
Failure
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
|
Thank you for contributing! Your pull request will be automatically updated and merged without squashing (do not update manually, and be sure to allow changes to be pushed to your fork). |
|
Comments on closed issues and PRs are hard for our team to see. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
See CHANGELOG