chore(release): 2.179.0 #33482
… WAIT_FOR_TASK_TOKEN
### Issue # (if applicable)

None

### Reason for this change

AWS Codebuild supports creating a Fleet with attribute-based compute type.
https://docs.aws.amazon.com/codebuild/latest/userguide/fleets.html#fleets.attribute-compute

You can specify minimum vCPU, disk and memory sizes. Codebuild automatically selects the instance type based on the compute configuration.

### Description of changes

Add `computeConfiguration` prop to `FleetProps`.

### Description of how you validated changes

Add both unit and integ tests.

### Checklist

- [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

…ed in NPM symlinked workspaces (#32937)

### Reason for this change

Allow to use SelfManagedKafkaEventSource in symlinked setups.

### Description of changes

Replace instanceof check by `Construct.isConstruct()` call.

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

### Issue # (if applicable)

N/A

### Description of changes

Add to R2 list if there are 2 or more approvals on the PR

### Description of how you validated changes

unit tests

### Checklist

- [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

…33311)

### Issue # (if applicable)

N/A

### Reason for this change

Update Needs Attention field in the prioritization project board

### Description of changes

Monitors project items daily to identify PRs that have been in their current status for extended periods.

### Describe any new or updated permissions being added

N/A

### Description of how you validated changes

Unit test is added. Integ test is not applicable.

### Checklist

- [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

### Reason for this change

We want errors to always have a defined non-default message code. This way an integrator can target errors individually.

### Description of changes

Change the helper method for error messages to require a code.

### Describe any new or updated permissions being added

n/a

### Description of how you validated changes

n/a this is a refactor, enforcing a new rule at compile time

### Checklist

- [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

…ervice integration test (#32524)

### Issue # (if applicable)

Relate #32506

### Reason for this change

This test is failing. Please try this quick check

```bash
docker run -d -p 80:80 -p 90:90 amazon/amazon-ecs-sample:latest
# Success
curl http://localhost:80
# Fail
curl http://localhost:90
```

### Description of changes

- Modify ECS task to also expose port 90
- Migrate to LaunchTemplate as LaunchConfiguration cannot be used on new account

### Description of how you validated changes

`yarn integ test/aws-ecs-patterns/test/ec2/integ.multiple-application-load-balanced-ecs-service.js`

### Checklist

- [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

### Issue # (if applicable)

#33017

Closes #33017.

### Reason for this change

Typo

### Description of changes

Fixed Typo

### Describe any new or updated permissions being added

NA

### Description of how you validated changes

No

### Checklist

- [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

### Issue # (if applicable)

Closes #32837

### Reason for this change

UserPoolClient in Cognito did not support the `analyticsConfiguration` property.

### Description of changes

- add `analytics` property to UserPoolClientProps(interface)
- add `validationAnalytics` method to UserPoolClient(Class / L2 Construct)

### Description of how you validated changes

Added both unit and integration tests.

### Checklist

- [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

…33267)

### Issue # (if applicable)

Closes #33222

### Reason for this change

Missing detailedMetricsEnabled property

### Description of changes

Stage support `detailedMetricsEnabled` property

### Describe any new or updated permissions being added

### Description of how you validated changes

Unit + Integration test

### Checklist

- [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

### Issue #33179

Closes #33179

### Description of changes

Adds the list action. Converts the existing dependency calculation code into a generic feature on StackCollection.

### Describe any new or updated permissions being added

n/a

### Description of how you validated changes

Unit tests and integ test pipeline

### Checklist

- [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

### Issue # (if applicable)

Closes #31666.

### Reason for this change

AWS CodePipeline introduces new general purpose **compute** action: Commands action.

- https://aws.amazon.com/about-aws/whats-new/2024/10/aws-codepipeline-general-purpose-compute-action/
- https://docs.aws.amazon.com/codepipeline/latest/userguide/action-reference-Commands.html#action-reference-Commands-type

CFn docs:

- https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-codepipeline-pipeline-actiontypeid.html
- https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-codepipeline-pipeline-outputartifact.html
- https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-codepipeline-pipeline-actiondeclaration.html

### Description of changes

Added `CommandsAction` class and changed other files.

The `ActionCategory` for this action is a new category `Compute`, so added `ActionCategory.COMPUTE`.

### Description of how you validated changes

Both unit and integ tests

### Checklist

- [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

### Issue # (if applicable)

Closes #33254

### Reason for this change

- Similar to #31707, this PR adds 1.32 support.
- Update all existing integ tests for V1_31 and make sure they deploy with V1_32.

### Description of changes

### Describe any new or updated permissions being added

### Description of how you validated changes

```ts
import * as ec2 from 'aws-cdk-lib/aws-ec2';
import * as iam from 'aws-cdk-lib/aws-iam';
import { App, Stack, StackProps } from 'aws-cdk-lib';
import { KubectlV32Layer } from '@aws-cdk/lambda-layer-kubectl-v32';
import * as eks from 'aws-cdk-lib/aws-eks';
import { Construct } from 'constructs';

export class EksClusterLatestVersion extends Stack {
  constructor(scope: Construct, id: string, props: StackProps) {
    super(scope, id, props);

    const vpc = new ec2.Vpc(this, 'Vpc', { natGateways: 1 });
    const mastersRole = new iam.Role(this, 'Role', {
      assumedBy: new iam.AccountRootPrincipal(),
    });

    new eks.Cluster(this, 'Cluster', {
      vpc,
      mastersRole,
      version: eks.KubernetesVersion.V1_32,
      kubectlLayer: new KubectlV32Layer(this, 'KubectlLayer'),
      defaultCapacity: 1,
    });
  }
}

const app = new App();

new EksClusterLatestVersion(app, 'v32-stack', {
  env: {
    account: process.env.CDK_DEFAULT_ACCOUNT,
    region: process.env.CDK_DEFAULT_REGION,
  },
});

app.synth();
```

verify

```
pahud@MBP framework-integ % kubectl get no
NAME                           STATUS   ROLES    AGE     VERSION
ip-172-31-3-173.ec2.internal   Ready    <none>   5m21s   v1.32.0-eks-aeac579
% kubectl get po -n kube-system
NAME                       READY   STATUS    RESTARTS        AGE
aws-node-r6jw8             2/2     Running   2 (9m35s ago)   12m
coredns-6b9575c64c-75csr   1/1     Running   1 (9m35s ago)   16m
coredns-6b9575c64c-hwpdd   1/1     Running   1 (9m35s ago)   16m
kube-proxy-9w95h           1/1     Running   1 (9m35s ago)   12m
```

### Checklist

- [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

### Issue # (if applicable)

Closes #32680

### Reason for this change

AWS announces Amazon CloudWatch Database Insights.
https://aws.amazon.com/about-aws/whats-new/2024/12/amazon-cloudwatch-database-insights

### Description of changes

Database Insights has two modes: Standard and Advanced.

For Aurora databases, standard mode is enabled by default.
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#aws-resource-rds-dbcluster-return-values

When using advanced mode, you must enable Performance Insights and set its data retention period to 465 days.
https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Database-Insights.html

### Describe any new or updated permissions being added

Nothing.

### Description of how you validated changes

Unit tests and integ-tests.

### Checklist

- [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

…ing (#32594)

Make pipenv version a parameter in the Dockerfile for python lambda bundling. It was originally hardcoded to 2022.4.8, which excluded newer features/fixes.

### Issue # (if applicable)

None.

### Reason for this change

Pipenv version was originally hardcoded to 2022.4.8, which excluded newer features/fixes. And that could not be changed without providing a new Dockerfile from scratch.

### Description of changes

Just made the pipenv version a new ARG in the Dockerfile. So that it can be provided from the outside. It has the same default value as it used to have, so that the current behavior won't change.

### Describe any new or updated permissions being added

None

### Description of how you validated changes

Tested this same Dockerfile in my current project, providing the PIPENV_VERSION variable via CDK:

```typescript
import * as lambda from 'aws-cdk-lib/aws-lambda';
import * as python from '@aws-cdk/aws-lambda-python-alpha';

const lambdaProps: python.PythonFunctionProps = {
  runtime: lambda.Runtime.PYTHON_3_11,
  // ...
  bundling: {
    buildArgs: {
      'PIPENV_VERSION': '2024.0.1',
    },
  }
};
```

### Checklist

- [X] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

### Issue # (if applicable)

Closes #30327

### Reason for this change

There was a difference in the behavior of SDK and HTTP integration attribute extraction with the `getAtt` and `getAttString` methods. `awsApiCall` properly implemented and returned JSONPath-ish values by using a `flattenResponse` property. This PR adds the same functionality to `httpApiCall`

### Description of changes

Added an implemented `flattenResponse` in the `HttpHandler` custom resource

### Description of how you validated changes

Updated integ and unit tests

### Checklist

- [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

The call to `createChangeSet` is not passing that stack's tags. If the deploy role has some policy that requires specific tags, it will fail to create a change set and, therefore, to create a diff.

Pass the tags along to `createChangeSet`.

Fixes #33316.

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

### Issue # (if applicable)

Closes #30451

### Reason for this change

Support Regex in filter functions for JSON

### Description of changes

Adding a new JSONPattern factory that uses `%` instead of `"` to support the regex pattern.

### Description of how you validated changes

I tried it in our own CDK code.

### Checklist

- [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

#33252)

### Issue # (if applicable)

#26509

### Reason for this change

AWS Step Functions has the functionality to call APIs in different regions according to the [AWS blog](https://aws.amazon.com/blogs/compute/running-cross-account-workflows-with-aws-step-functions-and-amazon-api-gateway/): "You can extend this architecture to run workflows across multiple Regions or accounts." However, CDK syntax doesn't support it. This change will help expand the functionality of CDK to be able to call APIs where the API endpoint is not in the same region as the stack it's contained in (such as calling an API in a different AWS account).

### Description of changes

This PR implements the solution suggested by pahud, which is to add an optional region parameter to the API endpoint getter (and to props to provide it). Adding region to IRestApi was another option, but this would not be backwards-compatible (how would existing IRestApis determine the region?). Ideally, I believe some `Region` enum would be superior to type `string` for region, but I looked around and couldn't find any other examples in the codebase and besides it might introduce coupling/dependency that isn't necessary. Instead, an invalid region such as "us-north-42" is likely to simply throw an exception for invalid API endpoint, which should expose the problem to the dev.

This change supports an extra use-case of calling API endpoints in regions other than the region of the stack in which the API construct is defined. This uses AWS features of Step Functions invoking API Gateway endpoints in different regions.

### Describe any new or updated permissions being added

None

### Description of how you validated changes

Added a unit test with a hardcoded `us-west-2` in the style of other surrounding unit tests.

### Checklist

- [X] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

… Errors (#33440)

### Issue

Relates to #32569

### Description of changes

`ValidationErrors` everywhere

### Describe any new or updated permissions being added

n/a

### Description of how you validated changes

Existing tests. Exemptions granted as this is a refactor of existing code.

### Checklist

- [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

### Issue # (if applicable)

N/A

The problem was `yarn upgrade` no longer worked. You can see the auto upgrade PR - #33299 - is having a failed build.

After diving deep into the reason of failure, here are the findings:

I first checked out the branch for #33299, then ran the build locally. Here is the error in the build log:

```
> tsc --build
aws-cdk/node_modules/@types/glob/index.d.ts:29:42 - error TS2694: Namespace '"<path skipped>/aws-cdk/node_modules/minimatch/dist/commonjs/index"' has no exported member 'IOptions'.

29     interface IOptions extends minimatch.IOptions {
                                            ~~~~~~~~

aws-cdk/node_modules/@types/glob/index.d.ts:74:30 - error TS2724: '"<path skipped>/aws-cdk/node_modules/minimatch/dist/commonjs/index"' has no exported member named 'IMinimatch'. Did you mean 'Minimatch'?

74         minimatch: minimatch.IMinimatch;
                                ~~~~~~~~~~
```

Pay attention to the file paths above. `aws-cdk/node_modules/@types/glob` is trying to reference a type from `aws-cdk/node_modules/minimatch` because yarn upgraded to a `minimatch` version that natively exports minimatch types. But `@types/glob` is not compatible with these new `minimatch` types, causing the error seen above.

Ideally, `@types/glob` should specify the `@types/minimatch` version it works with, but in reality, it has `"@types/minimatch": "*"`, which started pointing to the upgraded `aws-cdk/node_modules/minimatch` as yarn hoists dependencies into the top level `node_modules`.

Some references:

- igorshubovych/markdownlint-cli#508 <-- `aws-cdk/tools/@aws-cdk/cdk-build-tools` uses `markdownlint-cli`, which depends on `glob` and `minimatch` as well.
- isaacs/rimraf#264 <-- New versions of `glob` and `minimatch` are written in Typescript, which is causing problems when these new versions co-exist with the `@types/xxx` packages.

### Description of changes

Use `nohoist` for `@types/glob` and `@types/minimatch` so that the different places that use these two packages do not conflict with each other at the top level `node_modules`.

After doing the above, I noticed `cdk-build-tools` was actually relying on `@types/glob` but it does not declare the dependency in its `package.json`. It worked because it pulled the `@types/glob` at the top level `node_modules` (which is no longer available with `nohoist`).

### Describe any new or updated permissions being added

None

### Description of how you validated changes

Locally built and no error.

### Checklist

- [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

### Issue # (if applicable)

n/a

### Reason for this change

Checking out the `head.sha` puts us into 'detached HEAD' state

```
You are in 'detached HEAD' state. You can look around, make experimental
changes and commit them, and you can discard any commits you make in this
state without impacting any branches by switching back to a branch.
```

so the workflow will fail during the commit/push step:

```
Run git config --global user.name 'aws-cdk-automation'
[detached HEAD 0364b3fc] chore: update analytics metadata blueprints
 3 files changed, 121 insertions(+), 121 deletions(-)
error: src refspec bump/2.179.0 does not match any
error: failed to push some refs to 'https://github.com/aws/aws-cdk'
Error: Process completed with exit code 1.
```

### Description of changes

Checkout the branch head ref just before we commit changes in the workflow.

### Describe any new or updated permissions being added

n/a

### Description of how you validated changes

Tested on release branch, workflow successfully [ran](https://github.com/aws/aws-cdk/actions/workflows/analytics-metadata-updater.yml).

### Checklist

- [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

### Issue # (if applicable)

Closes #33461.

### Reason for this change

Because git lfs is not installed in devcontainer.

### Description of changes

Install git lfs on dev container.

### Describe any new or updated permissions being added

### Description of how you validated changes

### Checklist

- [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

Updates the L1 CloudFormation resource definitions with the latest changes from `@aws-cdk/aws-service-spec` **L1 CloudFormation resource definition changes:** ``` ├[~] service aws-acmpca │ └ resources │ └[~] resource AWS::ACMPCA::CertificateAuthority │ └ types │ └[~] type CrlConfiguration │ └ properties │ ├[+] CrlType: string │ └[+] CustomPath: string ├[~] service aws-bedrock │ └ resources │ ├[~] resource AWS::Bedrock::DataSource │ │ └ types │ │ └[~] type BedrockFoundationModelConfiguration │ │ ├ - documentation: Settings for a foundation model or [inference profile](https://docs.aws.amazon.com/bedrock/latest/userguide/cross-region-inference.html) used to parse documents for a data source. │ │ │ + documentation: Settings for a foundation model used to parse documents for a data source. │ │ └ properties │ │ └ ModelArn: (documentation changed) │ └[~] resource AWS::Bedrock::KnowledgeBase │ └ types │ └[~] type VectorKnowledgeBaseConfiguration │ └ properties │ └ EmbeddingModelArn: (documentation changed) ├[~] service aws-cognito │ └ resources │ └[~] resource AWS::Cognito::UserPoolDomain │ └ attributes │ └[-] Id: string ├[~] service aws-datasync │ └ resources │ └[~] resource AWS::DataSync::LocationSMB │ ├ - documentation: The `AWS::DataSync::LocationSMB` resource specifies a Server Message Block (SMB) location. │ │ + documentation: The `AWS::DataSync::LocationSMB` resource specifies a Server Message Block (SMB) location that AWS DataSync can use as a transfer source or destination. 
│ ├ properties │ │ ├ AgentArns: (documentation changed) │ │ ├ AuthenticationType: (documentation changed) │ │ ├ DnsIpAddresses: (documentation changed) │ │ ├ KerberosKeytab: (documentation changed) │ │ ├ KerberosKrb5Conf: (documentation changed) │ │ ├ KerberosPrincipal: (documentation changed) │ │ ├ Password: (documentation changed) │ │ ├ Subdirectory: (documentation changed) │ │ └ User: (documentation changed) │ └ attributes │ └ LocationArn: (documentation changed) ├[~] service aws-dynamodb │ └ resources │ └[~] resource AWS::DynamoDB::GlobalTable │ └ properties │ └[+] PointInTimeRecoverySpecification: PointInTimeRecoverySpecification ├[~] service aws-ec2 │ └ resources │ ├[~] resource AWS::EC2::EC2Fleet │ │ └ types │ │ └[~] type FleetLaunchTemplateOverridesRequest │ │ └ properties │ │ └ MaxPrice: (documentation changed) │ ├[~] resource AWS::EC2::IPAM │ │ ├ properties │ │ │ └[+] DefaultResourceDiscoveryOrganizationalUnitExclusions: Array<IpamOrganizationalUnitExclusion> │ │ └ types │ │ └[+] type IpamOrganizationalUnitExclusion │ │ ├ documentation: If your IPAM is integrated with AWS Organizations and you add an organizational unit (OU) exclusion, IPAM will not manage the IP addresses in accounts in that OU exclusion. │ │ │ name: IpamOrganizationalUnitExclusion │ │ └ properties │ │ └ OrganizationsEntityPath: string (required) │ ├[~] resource AWS::EC2::IPAMResourceDiscovery │ │ ├ properties │ │ │ └[+] OrganizationalUnitExclusions: Array<IpamResourceDiscoveryOrganizationalUnitExclusion> │ │ └ types │ │ └[+] type IpamResourceDiscoveryOrganizationalUnitExclusion │ │ ├ documentation: If your IPAM is integrated with AWS Organizations and you add an organizational unit (OU) exclusion, IPAM will not manage the IP addresses in accounts in that OU exclusion. 
│ │ │ name: IpamResourceDiscoveryOrganizationalUnitExclusion │ │ └ properties │ │ └ OrganizationsEntityPath: string (required) │ └[~] resource AWS::EC2::LaunchTemplate │ └ types │ └[~] type SpotOptions │ └ properties │ └ MaxPrice: (documentation changed) ├[~] service aws-ivs │ └ resources │ ├[~] resource AWS::IVS::Channel │ │ └ properties │ │ └ Type: (documentation changed) │ ├[~] resource AWS::IVS::PlaybackKeyPair │ │ └ properties │ │ └ PublicKeyMaterial: (documentation changed) │ └[~] resource AWS::IVS::PublicKey │ └ properties │ └ PublicKeyMaterial: (documentation changed) ├[~] service aws-medialive │ └ resources │ ├[~] resource AWS::MediaLive::Channel │ │ ├ properties │ │ │ ├[+] ChannelEngineVersion: ChannelEngineVersionRequest │ │ │ └[+] DryRun: boolean │ │ └ types │ │ ├[+] type ChannelEngineVersionRequest │ │ │ ├ name: ChannelEngineVersionRequest │ │ │ └ properties │ │ │ └ Version: string │ │ ├[~] type CmafIngestGroupSettings │ │ │ └ properties │ │ │ ├[+] Id3Behavior: string │ │ │ ├[+] Id3NameModifier: string │ │ │ ├[+] KlvBehavior: string │ │ │ ├[+] KlvNameModifier: string │ │ │ ├[+] NielsenId3NameModifier: string │ │ │ └[+] Scte35NameModifier: string │ │ ├[~] type H265Settings │ │ │ └ properties │ │ │ └[+] Deblocking: string │ │ └[~] type MediaPackageOutputDestinationSettings │ │ └ properties │ │ ├[+] ChannelGroup: string │ │ └[+] ChannelName: string │ └[~] resource AWS::MediaLive::InputSecurityGroup │ └ properties │ └ Tags: - json │ + json (immutable) └[~] service aws-rds └ resources └[~] resource AWS::RDS::DBInstance └ properties └ ApplyImmediately: (documentation changed) ```
Updates the L1 CloudFormation resource definitions with the latest changes from `@aws-cdk/aws-service-spec`
Updates the L1 CloudFormation resource definitions with the latest changes from `@aws-cdk/aws-service-spec` **L1 CloudFormation resource definition changes:** ``` ├[~] service aws-acmpca │ └ resources │ └[~] resource AWS::ACMPCA::CertificateAuthority │ └ types │ └[~] type CrlConfiguration │ └ properties │ ├ CrlType: (documentation changed) │ └ CustomPath: (documentation changed) ├[~] service aws-bedrock │ └ resources │ └[~] resource AWS::Bedrock::Agent │ └ types │ └[~] type PromptConfiguration │ └ properties │ └ ParserMode: (documentation changed) ├[~] service aws-cloudtrail │ └ resources │ ├[~] resource AWS::CloudTrail::EventDataStore │ │ └ types │ │ ├[~] type AdvancedEventSelector │ │ │ └ - documentation: Advanced event selectors let you create fine-grained selectors for AWS CloudTrail management, data, and network activity events. They help you control costs by logging only those events that are important to you. For more information about configuring advanced event selectors, see the [Logging data events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html) , [Logging network activity events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-network-events-with-cloudtrail.html) , and [Logging management events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-events-with-cloudtrail.html) topics in the *AWS CloudTrail User Guide* . │ │ │ You cannot apply both event selectors and advanced event selectors to a trail. 
│ │ │ *Supported CloudTrail event record fields for management events* │ │ │ - `eventCategory` (required) │ │ │ - `eventSource` │ │ │ - `readOnly` │ │ │ The following additional fields are available for event data stores: │ │ │ - `eventName` │ │ │ - `eventType` │ │ │ - `sessionCredentialFromConsole` │ │ │ - `userIdentity.arn` │ │ │ *Supported CloudTrail event record fields for data events* │ │ │ - `eventCategory` (required) │ │ │ - `resources.type` (required) │ │ │ - `readOnly` │ │ │ - `eventName` │ │ │ - `resources.ARN` │ │ │ The following additional fields are available for event data stores: │ │ │ - `eventSource` │ │ │ - `eventType` │ │ │ - `sessionCredentialFromConsole` │ │ │ - `userIdentity.arn` │ │ │ *Supported CloudTrail event record fields for network activity events* │ │ │ > Network activity events is in preview release for CloudTrail and is subject to change. │ │ │ - `eventCategory` (required) │ │ │ - `eventSource` (required) │ │ │ - `eventName` │ │ │ - `errorCode` - The only valid value for `errorCode` is `VpceAccessDenied` . │ │ │ - `vpcEndpointId` │ │ │ > For event data stores for CloudTrail Insights events, AWS Config configuration items, Audit Manager evidence, or events outside of AWS , the only supported field is `eventCategory` . │ │ │ + documentation: Advanced event selectors let you create fine-grained selectors for AWS CloudTrail management, data, and network activity events. They help you control costs by logging only those events that are important to you. 
For more information about configuring advanced event selectors, see the [Logging data events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html) , [Logging network activity events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-network-events-with-cloudtrail.html) , and [Logging management events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-events-with-cloudtrail.html) topics in the *AWS CloudTrail User Guide* . │ │ │ You cannot apply both event selectors and advanced event selectors to a trail. │ │ │ *Supported CloudTrail event record fields for management events* │ │ │ - `eventCategory` (required) │ │ │ - `eventSource` │ │ │ - `readOnly` │ │ │ The following additional fields are available for event data stores: │ │ │ - `eventName` │ │ │ - `eventType` │ │ │ - `sessionCredentialFromConsole` │ │ │ - `userIdentity.arn` │ │ │ *Supported CloudTrail event record fields for data events* │ │ │ - `eventCategory` (required) │ │ │ - `resources.type` (required) │ │ │ - `readOnly` │ │ │ - `eventName` │ │ │ - `resources.ARN` │ │ │ The following additional fields are available for event data stores: │ │ │ - `eventSource` │ │ │ - `eventType` │ │ │ - `sessionCredentialFromConsole` │ │ │ - `userIdentity.arn` │ │ │ *Supported CloudTrail event record fields for network activity events* │ │ │ - `eventCategory` (required) │ │ │ - `eventSource` (required) │ │ │ - `eventName` │ │ │ - `errorCode` - The only valid value for `errorCode` is `VpceAccessDenied` . │ │ │ - `vpcEndpointId` │ │ │ > For event data stores for CloudTrail Insights events, AWS Config configuration items, Audit Manager evidence, or events outside of AWS , the only supported field is `eventCategory` . 
│ │ └[~] type AdvancedFieldSelector │ │ └ properties │ │ └ Field: (documentation changed) │ └[~] resource AWS::CloudTrail::Trail │ └ types │ ├[~] type AdvancedEventSelector │ │ └ - documentation: Advanced event selectors let you create fine-grained selectors for AWS CloudTrail management, data, and network activity events. They help you control costs by logging only those events that are important to you. For more information about configuring advanced event selectors, see the [Logging data events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html) , [Logging network activity events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-network-events-with-cloudtrail.html) , and [Logging management events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-events-with-cloudtrail.html) topics in the *AWS CloudTrail User Guide* . │ │ You cannot apply both event selectors and advanced event selectors to a trail. │ │ *Supported CloudTrail event record fields for management events* │ │ - `eventCategory` (required) │ │ - `eventSource` │ │ - `readOnly` │ │ The following additional fields are available for event data stores: │ │ - `eventName` │ │ - `eventType` │ │ - `sessionCredentialFromConsole` │ │ - `userIdentity.arn` │ │ *Supported CloudTrail event record fields for data events* │ │ - `eventCategory` (required) │ │ - `resources.type` (required) │ │ - `readOnly` │ │ - `eventName` │ │ - `resources.ARN` │ │ The following additional fields are available for event data stores: │ │ - `eventSource` │ │ - `eventType` │ │ - `sessionCredentialFromConsole` │ │ - `userIdentity.arn` │ │ *Supported CloudTrail event record fields for network activity events* │ │ > Network activity events is in preview release for CloudTrail and is subject to change. 
│ │ - `eventCategory` (required) │ │ - `eventSource` (required) │ │ - `eventName` │ │ - `errorCode` - The only valid value for `errorCode` is `VpceAccessDenied` . │ │ - `vpcEndpointId` │ │ > For event data stores for CloudTrail Insights events, AWS Config configuration items, Audit Manager evidence, or events outside of AWS , the only supported field is `eventCategory` . │ │ + documentation: Advanced event selectors let you create fine-grained selectors for AWS CloudTrail management, data, and network activity events. They help you control costs by logging only those events that are important to you. For more information about configuring advanced event selectors, see the [Logging data events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html) , [Logging network activity events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-network-events-with-cloudtrail.html) , and [Logging management events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-events-with-cloudtrail.html) topics in the *AWS CloudTrail User Guide* . │ │ You cannot apply both event selectors and advanced event selectors to a trail. 
│ │ *Supported CloudTrail event record fields for management events* │ │ - `eventCategory` (required) │ │ - `eventSource` │ │ - `readOnly` │ │ The following additional fields are available for event data stores: │ │ - `eventName` │ │ - `eventType` │ │ - `sessionCredentialFromConsole` │ │ - `userIdentity.arn` │ │ *Supported CloudTrail event record fields for data events* │ │ - `eventCategory` (required) │ │ - `resources.type` (required) │ │ - `readOnly` │ │ - `eventName` │ │ - `resources.ARN` │ │ The following additional fields are available for event data stores: │ │ - `eventSource` │ │ - `eventType` │ │ - `sessionCredentialFromConsole` │ │ - `userIdentity.arn` │ │ *Supported CloudTrail event record fields for network activity events* │ │ - `eventCategory` (required) │ │ - `eventSource` (required) │ │ - `eventName` │ │ - `errorCode` - The only valid value for `errorCode` is `VpceAccessDenied` . │ │ - `vpcEndpointId` │ │ > For event data stores for CloudTrail Insights events, AWS Config configuration items, Audit Manager evidence, or events outside of AWS , the only supported field is `eventCategory` . │ └[~] type AdvancedFieldSelector │ └ properties │ └ Field: (documentation changed) ├[~] service aws-connect │ └ resources │ └[~] resource AWS::Connect::ContactFlowVersion │ ├ - documentation: Resource Type Definition for ContactFlowVersion │ │ + documentation: Creates a version for the specified customer-managed flow within the specified instance. 
│ ├ properties │ │ ├ ContactFlowId: (documentation changed) │ │ └ Description: (documentation changed) │ └ attributes │ ├ ContactFlowVersionARN: (documentation changed) │ ├ FlowContentSha256: (documentation changed) │ └ Version: (documentation changed) ├[~] service aws-dynamodb │ └ resources │ └[~] resource AWS::DynamoDB::GlobalTable │ └ properties │ └[-] PointInTimeRecoverySpecification: PointInTimeRecoverySpecification ├[~] service aws-ec2 │ └ resources │ ├[~] resource AWS::EC2::IPAM │ │ └ types │ │ └[~] type IpamOrganizationalUnitExclusion │ │ └ properties │ │ └ OrganizationsEntityPath: (documentation changed) │ └[~] resource AWS::EC2::LaunchTemplate │ └ types │ ├[~] type CpuOptions │ │ └ properties │ │ └ AmdSevSnp: (documentation changed) │ ├[~] type Ebs │ │ └ properties │ │ └ Iops: (documentation changed) │ ├[~] type LaunchTemplateData │ │ └ properties │ │ ├ CpuOptions: (documentation changed) │ │ ├ DisableApiStop: (documentation changed) │ │ ├ EnclaveOptions: (documentation changed) │ │ ├ MetadataOptions: (documentation changed) │ │ └ UserData: (documentation changed) │ ├[~] type MetadataOptions │ │ └ properties │ │ └ InstanceMetadataTags: (documentation changed) │ ├[~] type NetworkInterface │ │ └ properties │ │ └ InterfaceType: (documentation changed) │ └[~] type SpotOptions │ └ properties │ └ MaxPrice: (documentation changed) ├[~] service aws-ecs │ └ resources │ ├[~] resource AWS::ECS::Cluster │ │ └ types │ │ └[~] type ManagedStorageConfiguration │ │ └ properties │ │ ├ FargateEphemeralStorageKmsKeyId: (documentation changed) │ │ └ KmsKeyId: (documentation changed) │ ├[~] resource AWS::ECS::Service │ │ └ properties │ │ ├ AvailabilityZoneRebalancing: (documentation changed) │ │ └ CapacityProviderStrategy: (documentation changed) │ └[~] resource AWS::ECS::TaskDefinition │ └ types │ └[~] type HealthCheck │ └ properties │ ├ Interval: (documentation changed) │ ├ Retries: (documentation changed) │ ├ StartPeriod: (documentation changed) │ └ Timeout: (documentation 
changed) ├[~] service aws-fsx │ └ resources │ └[~] resource AWS::FSx::FileSystem │ └ types │ └[~] type OpenZFSConfiguration │ └ properties │ ├ EndpointIpAddressRange: (documentation changed) │ └ ThroughputCapacity: (documentation changed) ├[~] service aws-groundstation │ └ resources │ └[~] resource AWS::GroundStation::MissionProfile │ └ types │ └[~] type StreamsKmsKey │ └ properties │ └ KmsAliasName: (documentation changed) ├[~] service aws-iot │ └ resources │ └[~] resource AWS::IoT::Logging │ └ - documentation: Configure logging. │ + documentation: Configure logging. │ > If you already set the log function of AWS IoT Core , you can't deploy the AWS Cloud Development Kit (AWS CDK) to change the logging settings. You can change the logging settings by either: │ > │ > - Importing a role into your AWS CloudFormation stack, such as with the [infrastructure as code generator (IaC generator)](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/generate-IaC.html) . │ > - [Deleting the existing role](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_manage_delete.html#roles-managingrole-deleting-console) . ├[~] service aws-rds │ └ resources │ └[~] resource AWS::RDS::GlobalCluster │ ├ properties │ │ └[-] GlobalEndpoint: GlobalEndpoint │ └ attributes │ └[+] GlobalEndpoint: GlobalEndpoint └[~] service aws-wafv2 └ resources ├[~] resource AWS::WAFv2::LoggingConfiguration │ ├ - documentation: Defines an association between logging destinations and a web ACL resource, for logging from AWS WAF . As part of the association, you can specify parts of the standard logging fields to keep out of the logs and you can specify filters so that you log only a subset of the logging records. │ │ > You can define one logging destination per web ACL. │ │ You can access information about the traffic that AWS WAF inspects using the following steps: │ │ - Create your logging destination. 
You can use an Amazon CloudWatch Logs log group, an Amazon Simple Storage Service (Amazon S3) bucket, or an Amazon Kinesis Data Firehose. │ │ The name that you give the destination must start with `aws-waf-logs-` . Depending on the type of destination, you might need to configure additional settings or permissions. │ │ For configuration requirements and pricing information for each destination type, see [Logging web ACL traffic](https://docs.aws.amazon.com/waf/latest/developerguide/logging.html) in the *AWS WAF Developer Guide* . │ │ - Associate your logging destination to your web ACL using a `PutLoggingConfiguration` request. │ │ When you successfully enable logging using a `PutLoggingConfiguration` request, AWS WAF creates an additional role or policy that is required to write logs to the logging destination. For an Amazon CloudWatch Logs log group, AWS WAF creates a resource policy on the log group. For an Amazon S3 bucket, AWS WAF creates a bucket policy. For an Amazon Kinesis Data Firehose, AWS WAF creates a service-linked role. │ │ For additional information about web ACL logging, see [Logging web ACL traffic information](https://docs.aws.amazon.com/waf/latest/developerguide/logging.html) in the *AWS WAF Developer Guide* . │ │ + documentation: Defines an association between logging destinations and a web ACL resource, for logging from AWS WAF . As part of the association, you can specify parts of the standard logging fields to keep out of the logs and you can specify filters so that you log only a subset of the logging records. │ │ If you configure data protection for the web ACL, the protection applies to the data that AWS WAF sends to the logs. │ │ > You can define one logging destination per web ACL. │ │ You can access information about the traffic that AWS WAF inspects using the following steps: │ │ - Create your logging destination. 
You can use an Amazon CloudWatch Logs log group, an Amazon Simple Storage Service (Amazon S3) bucket, or an Amazon Kinesis Data Firehose. │ │ The name that you give the destination must start with `aws-waf-logs-` . Depending on the type of destination, you might need to configure additional settings or permissions. │ │ For configuration requirements and pricing information for each destination type, see [Logging web ACL traffic](https://docs.aws.amazon.com/waf/latest/developerguide/logging.html) in the *AWS WAF Developer Guide* . │ │ - Associate your logging destination to your web ACL using a `PutLoggingConfiguration` request. │ │ When you successfully enable logging using a `PutLoggingConfiguration` request, AWS WAF creates an additional role or policy that is required to write logs to the logging destination. For an Amazon CloudWatch Logs log group, AWS WAF creates a resource policy on the log group. For an Amazon S3 bucket, AWS WAF creates a bucket policy. For an Amazon Kinesis Data Firehose, AWS WAF creates a service-linked role. │ │ For additional information about web ACL logging, see [Logging web ACL traffic information](https://docs.aws.amazon.com/waf/latest/developerguide/logging.html) in the *AWS WAF Developer Guide* . │ └ properties │ └ RedactedFields: (documentation changed) ├[~] resource AWS::WAFv2::RuleGroup │ └ types │ ├[~] type FieldToMatch │ │ └ - documentation: Specifies a web request component to be used in a rule match statement or in a logging configuration. │ │ - In a rule statement, this is the part of the web request that you want AWS WAF to inspect. Include the single `FieldToMatch` type that you want to inspect, with additional specifications as needed, according to the type. You specify a single request component in `FieldToMatch` for each rule statement that requires it. To inspect more than one component of the web request, create a separate rule statement for each component. 
│ │ Example JSON for a `QueryString` field to match: │ │ `"FieldToMatch": { "QueryString": {} }` │ │ Example JSON for a `Method` field to match specification: │ │ `"FieldToMatch": { "Method": { "Name": "DELETE" } }` │ │ - In a logging configuration, this is used in the `RedactedFields` property to specify a field to redact from the logging records. For this use case, note the following: │ │ - Even though all `FieldToMatch` settings are available, the only valid settings for field redaction are `UriPath` , `QueryString` , `SingleHeader` , and `Method` . │ │ - In this documentation, the descriptions of the individual fields talk about specifying the web request component to inspect, but for field redaction, you are specifying the component type to redact from the logs. │ │ - If you have request sampling enabled, the redacted fields configuration for logging has no impact on sampling. The only way to exclude fields from request sampling is by disabling sampling in the web ACL visibility configuration. │ │ + documentation: Specifies a web request component to be used in a rule match statement or in a logging configuration. │ │ - In a rule statement, this is the part of the web request that you want AWS WAF to inspect. Include the single `FieldToMatch` type that you want to inspect, with additional specifications as needed, according to the type. You specify a single request component in `FieldToMatch` for each rule statement that requires it. To inspect more than one component of the web request, create a separate rule statement for each component. │ │ Example JSON for a `QueryString` field to match: │ │ `"FieldToMatch": { "QueryString": {} }` │ │ Example JSON for a `Method` field to match specification: │ │ `"FieldToMatch": { "Method": { "Name": "DELETE" } }` │ │ - In a logging configuration, this is used in the `RedactedFields` property to specify a field to redact from the logging records. 
For this use case, note the following: │ │ - Even though all `FieldToMatch` settings are available, the only valid settings for field redaction are `UriPath` , `QueryString` , `SingleHeader` , and `Method` . │ │ - In this documentation, the descriptions of the individual fields talk about specifying the web request component to inspect, but for field redaction, you are specifying the component type to redact from the logs. │ │ - If you have request sampling enabled, the redacted fields configuration for logging has no impact on sampling. You can only exclude fields from request sampling by disabling sampling in the web ACL visibility configuration or by configuring data protection for the web ACL. │ └[~] type VisibilityConfig │ └ properties │ └ SampledRequestsEnabled: (documentation changed) └[~] resource AWS::WAFv2::WebACL └ types ├[~] type FieldToMatch │ └ - documentation: Specifies a web request component to be used in a rule match statement or in a logging configuration. │ - In a rule statement, this is the part of the web request that you want AWS WAF to inspect. Include the single `FieldToMatch` type that you want to inspect, with additional specifications as needed, according to the type. You specify a single request component in `FieldToMatch` for each rule statement that requires it. To inspect more than one component of the web request, create a separate rule statement for each component. │ Example JSON for a `QueryString` field to match: │ `"FieldToMatch": { "QueryString": {} }` │ Example JSON for a `Method` field to match specification: │ `"FieldToMatch": { "Method": { "Name": "DELETE" } }` │ - In a logging configuration, this is used in the `RedactedFields` property to specify a field to redact from the logging records. For this use case, note the following: │ - Even though all `FieldToMatch` settings are available, the only valid settings for field redaction are `UriPath` , `QueryString` , `SingleHeader` , and `Method` . 
│ - In this documentation, the descriptions of the individual fields talk about specifying the web request component to inspect, but for field redaction, you are specifying the component type to redact from the logs. │ - If you have request sampling enabled, the redacted fields configuration for logging has no impact on sampling. The only way to exclude fields from request sampling is by disabling sampling in the web ACL visibility configuration. │ + documentation: Specifies a web request component to be used in a rule match statement or in a logging configuration. │ - In a rule statement, this is the part of the web request that you want AWS WAF to inspect. Include the single `FieldToMatch` type that you want to inspect, with additional specifications as needed, according to the type. You specify a single request component in `FieldToMatch` for each rule statement that requires it. To inspect more than one component of the web request, create a separate rule statement for each component. │ Example JSON for a `QueryString` field to match: │ `"FieldToMatch": { "QueryString": {} }` │ Example JSON for a `Method` field to match specification: │ `"FieldToMatch": { "Method": { "Name": "DELETE" } }` │ - In a logging configuration, this is used in the `RedactedFields` property to specify a field to redact from the logging records. For this use case, note the following: │ - Even though all `FieldToMatch` settings are available, the only valid settings for field redaction are `UriPath` , `QueryString` , `SingleHeader` , and `Method` . │ - In this documentation, the descriptions of the individual fields talk about specifying the web request component to inspect, but for field redaction, you are specifying the component type to redact from the logs. │ - If you have request sampling enabled, the redacted fields configuration for logging has no impact on sampling. 
You can only exclude fields from request sampling by disabling sampling in the web ACL visibility configuration or by configuring data protection for the web ACL. └[~] type VisibilityConfig └ properties └ SampledRequestsEnabled: (documentation changed) ```
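Review bot: the `[-] PointInTimeRecoverySpecification: PointInTimeRecoverySpecification` entry under `AWS::DynamoDB::GlobalTable` properties removes a property from the L1 surface, unlike the documentation-only entries around it, so code that sets it at that level may no longer build or synthesize after upgrading. Since the property name refers to point-in-time recovery, the release notes should call out the removal and say where that setting is expected to be configured afterwards, so that users fixing the resulting error do not simply drop a recovery control.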
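Review bot: under `AWS::RDS::GlobalCluster`, `GlobalEndpoint` is removed from `properties` (`[-]`) and added under `attributes` (`[+]`), which changes it from something a template can set to something it can only read. That is a behavioural change for L1 users rather than a documentation update, and it deserves an explicit line in the changelog next to the spec update so anyone passing `GlobalEndpoint` as an input knows why it is now rejected.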
…33455) ### Issue Relates to #32569 ### Description of changes `ValidationErrors` everywhere ### Describe any new or updated permissions being added n/a ### Description of how you validated changes Existing tests. Exemptions granted as this is a refactor of existing code. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…dy to merge yet (#33481) Resetting to the versions used in 2.178.2 (see [comment](#33481 (comment)) below). ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository
Thank you for contributing! Your pull request will be automatically updated and merged without squashing (do not update manually, and be sure to allow changes to be pushed to your fork).
Comments on closed issues and PRs are hard for our team to see.
See CHANGELOG