Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(ec2): can define Launch Templates (not use them yet) #12385

Merged
merged 10 commits into from
Feb 5, 2021

Conversation

ddneilson
Copy link
Contributor

This provides an initial implementation of a level 2 construct for EC2 Launch Templates. It is a start that is intended to help get the ball rolling on implementation of Launch Template support within the CDK. It is a step towards resolving #6734

Launch Templates have value even without the integrations into Instance and AutoScalingGroup being implemented yet. Thus, the intention with this PR is to solely implement the L2 for LaunchTemplate. Future work in a separate PR would be required to implement its integration into Instance, AutoScalingGroup, and others.


By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license

This provides an initial implementation of a level 2 construct for
EC2 Launch Templates.
@gitpod-io
Copy link

gitpod-io bot commented Jan 6, 2021

@github-actions github-actions bot added the @aws-cdk/aws-ec2 Related to Amazon Elastic Compute Cloud label Jan 6, 2021
/**
* Properties of a LaunchTemplate.
*/
export interface LaunchTemplateProps {
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I defaulted with making all of the properties optional, since they all are completely optional in a Launch Template. Oddly, it is valid to create a completely empty Launch Template.

My thinking is that the PR is a good place to have a discussion regarding how opinionated the CDK's L2 should be regarding which properties are optional and which are not.

Four of the CloudFormation resources that can make use of LaunchTemplates are:

  1. EC2::EC2Fleet -- Uses an array of them, where each element of the array can override some of the LaunchTemplate values.
  2. EC2::SpotFleet -- Similar to EC2::Fleet in that it can use an array of LaunchTemplates, but the values that can be overriden are different.
  3. EC2::Instance -- Can use a single launch template, and the properties (ex: machine image) defined by the Launch Template are overriden by defining the equivalent top-level property in the EC2::Instance resource.
  4. AutoScaling::AutoScalingGroup -- Can use either a single Launch Template with no overrides. Or a mixed instances policy which uses a single launch template as a base template, but may optionally provide an override launch template for each element of an array of instance types.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is one of the reasons we ourselves have been getting stuck implementing it in the CDK. It just seems so open-ended and anything can be overridden at any point.

Thanks for this list! This is super helpful.

*
* @default - This Launch Template does not specify a default AMI.
*/
readonly machineImage?: IMachineImage;
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A reasonable argument could be probably made for making this a required property; it would allow us to always provide a default userData and mimic the osType + userData interface that is available on the Instance and AutoScalingGroup L2s.

Of the four uses of launch templates that are identified above, the Instance and AutoScalingGroup could both potentially provide a value for a machineImage outside of a particular launch template, but the later needs to provide the override using a launch template.

I'm not familiar enough with launch template use-cases to make a strong argument one way or the other; not sure if there are any uses that get broken if we make this required.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's do it like this and see where it breaks.

I'll 100% give you that the moment we make this required, someone will come by and say "but I use Launch Templates to give all my instances the same networking configuration but then configure the AMI on the Instance class".

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

True enough. Let's leave it as optional.

roles: [this.role.roleName],
});

if (props?.securityGroup) {
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This seems to be the only property of a LaunchTemplate that could tie it to a specific VPC. So, though it might be nice to be able to create one by default if we're not provided one, the lack of a VPC property on the LaunchTemplate prevents that.

The IConnectable interface is really useful, so it seems sensible to me to want to have the L2 LaunchTemplate implement the interface. However, the inability to create a default security group makes the case of not being provided a security group a little weird -- you end up with a Connections object that has no actual security group(s) in it.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I see how it will be useful, but I'm still a little hesitant to create one automatically--especially as I can see use cases for Launch Templates where people don't want those (they will use LTs to set Spot Pricing for all instances but then create SGs for individual instances... or something).

I guess we can't!

Annotations.of(this).addError('Spot block duration must be exactly 1, 2, 3, 4, 5, or 6 hours.');
}

this.role = props?.role ?? new iam.Role(this, 'Role', {
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hrm. I'm thinking that it might not have been a good idea to default-create a Role for the launch template. Unfortunately, not doing so makes implementing IGrantable impossible.

Reason for not creating it would be a potential use-case for LaunchTemplate within the LaunchTemplate spec of an ASG's MixedInstancesPolicy whereby the user provides a base LaunchTemplate that defines all of the common stuff (Role, UserData, AMI, etc) but then selectively overrides some of the non-Role fields (ex: AMI, CpuOptions, Placement) for certain instance types. If we default-create a Role, always, in the L2 then that sort of use-case ends up with the selective-override templates overriding the instance Role.

On the other hand, a user could simply pass the role from the base LaunchTemplate into the override LaunchTemplates in that case. Sure, the override templates would be defining a Role but it would be the same Role as in the base template -- so, functionally equivalent.

Thoughts? Opinions?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

On the surface, it seems that it might be possible to use a LazyRole here, and use a Lazy to create the CfnInstanceProfile only if the LazyRole has a statement, policy, or managed policy attached. Or if the LazyRole has been instantiated, I suppose.

That's, perhaps, a little sketchy though.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah let's keep it as simple as we can for now, until we get a better grip on this.

Let's let LaunchTemplates do as little as possible, except just hold on to some common objects/variables.

Any method that would normally interact with those unset members can throw an exception for all I care. Let's see where that takes us. It's easier to add magic in than to take it out later.

this.userData = props?.machineImage.getImage(this).userData;
}
const userDataToken = this.userData ?
Lazy.string({ produce: () => Fn.base64(this.userData!.render()) }) :
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Similar reasoning to that, above, for not providing a default role... I'm thinking that this should probably be modified to set UserData to undefined if this.userData has no actual commands in it. i.e. Still automatically create this.userData, but have the Lazy generate undefined if that userData would be empty.

Thoughts? Opinions?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Seems finicky. We'd have to introduce the concept of emptiness to a UserData first, as they won't necessarily render as empty, they might render to "", to "<powershell></powershell>" or even more complex for a MIME UserData.

Let's just say you have to specify it to start with.

/**
* Properties of a LaunchTemplate.
*/
export interface LaunchTemplateProps {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is one of the reasons we ourselves have been getting stuck implementing it in the CDK. It just seems so open-ended and anything can be overridden at any point.

Thanks for this list! This is super helpful.

*
* @default - This Launch Template does not specify a default AMI.
*/
readonly machineImage?: IMachineImage;
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's do it like this and see where it breaks.

I'll 100% give you that the moment we make this required, someone will come by and say "but I use Launch Templates to give all my instances the same networking configuration but then configure the AMI on the Instance class".

* assumedBy: new iam.ServicePrincipal('ec2.amazonaws.com')
* });
*
* @default - A new Role is created.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Wait, is it though?

Shouldn't this be just as optional as all the other fields, and not create anything by default to not mess with the downstream consumers too much?

*
* @default No tags are specified.
*/
readonly tagSpecifications?: LaunchTemplateTagSpecification[];
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tags will have to be implemented in core and in cfn2ts, to integrate with the aspect-based tagging (by doing it at the L1 level).

To start, let's take tagging out of this PR.

Copy link
Contributor Author

@ddneilson ddneilson Feb 2, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Took a look at it... Looks to be a pretty monumental undertaking to add tagging support. That'll have to go on the CDK team's backlog.

LaunchTemplate tagging really does not look like it will integrate well with the current tagging abstractions. There is no tag field on the LaunchTemplate (i.e. the template itself is not taggable), but rather a tagSpecification member within the launchTemplateData field that has its own unique format. i.e. It does not implement anything resembling ITaggable.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Addition... Perhaps I'm being too clever/hacky, but I figured out a way to get the L2 LaunchTemplate to interact with tagging aspects without having to make any changes to CDK core.

// ============================================
// Members for ILaunchTemplate interface
/**
* @inheritdoc
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fairly sure @inheritdoc is not necessary.

roles: [this.role.roleName],
});

if (props?.securityGroup) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I see how it will be useful, but I'm still a little hesitant to create one automatically--especially as I can see use cases for Launch Templates where people don't want those (they will use LTs to set Spot Pricing for all instances but then create SGs for individual instances... or something).

I guess we can't!


// =============================================

constructor(scope: Construct, id: string, props?: LaunchTemplateProps) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If you declare this as props: LaunchTemplateProps = {} it saves a bunch of props?. operators in this method.

});

this.userData = props?.userData;
if (!this.userData !== undefined && props?.machineImage !== undefined) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

!this.userData !== undefined 

I'm not sure the precedences work out correctly here.

But isn't the following just as easy:

this.userData = props.userData ?? props.machineImage?.getImage(this).userData

this.userData = props?.machineImage.getImage(this).userData;
}
const userDataToken = this.userData ?
Lazy.string({ produce: () => Fn.base64(this.userData!.render()) }) :
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Seems finicky. We'd have to introduce the concept of emptiness to a UserData first, as they won't necessarily render as empty, they might render to "", to "<powershell></powershell>" or even more complex for a MIME UserData.

Let's just say you have to specify it to start with.

* @param construct the instance/asg construct, used to host any warning
* @param blockDevices list of block devices
*/
function synthesizeBlockDeviceMappings<RT, NDT>(construct: Construct, blockDevices: BlockDevice[], noDeviceValue: NDT): RT[] {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍

@mergify mergify bot dismissed rix0rrr’s stale review February 2, 2021 19:02

Pull request has been modified.

rix0rrr
rix0rrr previously requested changes Feb 4, 2021
Copy link
Contributor

@rix0rrr rix0rrr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As good as there! Minor comments, after those are addressed I'm totally ready to ship this.

const iamProfile: iam.CfnInstanceProfile | undefined = this._role ? new iam.CfnInstanceProfile(this, 'Profile', {
roles: [this._role!.roleName],
}) : undefined;
const iamProfileToken = Lazy.string({
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This feels like it doesn't need to be lazy?

const iamProfileToken = iamProfile?.getAtt('Arn').toString();

?

Or if you MUST have that the type will be string instead of string | undefined (although why would you):

const iamProfileToken = iamProfile ? iamProfile.getAtt('Arn').toString() : Token.asString(undefined);

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, I got a little carried away with the Lazy uses :-)

}

this.tags = new TagManager(TagType.KEY_VALUE, 'AWS::EC2::LaunchTemplate');
const tagsToken = Lazy.any({
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Clever. Doesn't look too horrible. It may be unexpected that the L2 is taggable while the L1 isn't. But I can live with this, and if we have tests on it we can always refactor later.

*/
public get connections(): Connections {
if (!this._connections) {
throw new Error('connections not available on LaunchTemplate. You must provide a securityGroup when constructing the LaunchTemplate to make it available.');
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe phrase this in terms of APIs the end user would see (as opposed to APIs the author would see):

LaunchTemplate can only be used as IConnectable if a securityGroup is provided...

*/
public get grantPrincipal(): iam.IPrincipal {
if (!this._role) {
throw new Error('grantPrincipal not available on LaunchTemplate. You must provide a role when constructing the LaunchTemplate to make it available.');
Copy link
Contributor

@rix0rrr rix0rrr Feb 4, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same here:

LaunchTemplate can only be used as IGrantable if...

*
* @note Only available if you provide a role when constructing the LaunchTemplate.
*/
public get role(): iam.IRole {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Since the role property isn't really implementing a protocol such as IGrantable or IConnectable, I'd be fine surfacing the reality here. Declare this just as

public readonly role?: iam.IRole;

And users can deal with the fact that it might or might not be set.

Copy link
Contributor

@rix0rrr rix0rrr Feb 4, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Because also: think about how Instance would consume this.

It needs to do something like:

if (props.role) { 
  instanceRole = props.role;
} else if (!launchTemplate.role) {     // <--- this should not throw then otherwise I can't inspect it
  instanceRole = new iam.Role(...);
}

to make sure the instance ends up with an instance profile.

*
* @note Only available if you provide a machineImage when constructing the LaunchTemplate
*/
public get osType(): OperatingSystemType {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I thiiiiink... this might also benefit from just being able to be optional, like role.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, I agree. I'll switch all except for grantPrincipal and connection into just plain properties instead of getters.

*
* @note Only available if you provide a machineImage or UserData when constructing the LaunchTemplate.
*/
public get userData(): UserData {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

And I think userData as well...

@mergify mergify bot dismissed rix0rrr’s stale review February 5, 2021 05:05

Pull request has been modified.

rix0rrr
rix0rrr previously approved these changes Feb 5, 2021
@mergify
Copy link
Contributor

mergify bot commented Feb 5, 2021

Thank you for contributing! Your pull request will be updated from master and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

@rix0rrr rix0rrr changed the title feat(ec2): implementation of L2 construct for Launch Templates feat(ec2): can define Launch Templates (not use them yet) Feb 5, 2021
@mergify mergify bot dismissed rix0rrr’s stale review February 5, 2021 16:42

Pull request has been modified.

@aws-cdk-automation
Copy link
Collaborator

AWS CodeBuild CI Report

  • CodeBuild project: AutoBuildProject89A8053A-LhjRyN9kxr8o
  • Commit ID: f84646c
  • Result: SUCCEEDED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

@mergify
Copy link
Contributor

mergify bot commented Feb 5, 2021

Thank you for contributing! Your pull request will be updated from master and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

@mergify mergify bot merged commit 32c0de7 into aws:master Feb 5, 2021
TLadd pushed a commit to TLadd/aws-cdk that referenced this pull request Feb 9, 2021
This provides an initial implementation of a level 2 construct for EC2 Launch Templates. It is a start that is intended to help get the ball rolling on implementation of Launch Template support within the CDK. It is a step towards resolving aws#6734

Launch Templates have value even without the integrations into Instance and AutoScalingGroup being implemented yet. Thus, the intention with this PR is to solely implement the L2 for LaunchTemplate. Future work in a separate PR would be required to implement its integration into Instance, AutoScalingGroup, and others.

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
TLadd pushed a commit to TLadd/aws-cdk that referenced this pull request Feb 9, 2021
This provides an initial implementation of a level 2 construct for EC2 Launch Templates. It is a start that is intended to help get the ball rolling on implementation of Launch Template support within the CDK. It is a step towards resolving aws#6734

Launch Templates have value even without the integrations into Instance and AutoScalingGroup being implemented yet. Thus, the intention with this PR is to solely implement the L2 for LaunchTemplate. Future work in a separate PR would be required to implement its integration into Instance, AutoScalingGroup, and others.

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
TLadd pushed a commit to TLadd/aws-cdk that referenced this pull request Feb 9, 2021
This provides an initial implementation of a level 2 construct for EC2 Launch Templates. It is a start that is intended to help get the ball rolling on implementation of Launch Template support within the CDK. It is a step towards resolving aws#6734

Launch Templates have value even without the integrations into Instance and AutoScalingGroup being implemented yet. Thus, the intention with this PR is to solely implement the L2 for LaunchTemplate. Future work in a separate PR would be required to implement its integration into Instance, AutoScalingGroup, and others.

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
NovakGu pushed a commit to NovakGu/aws-cdk that referenced this pull request Feb 18, 2021
This provides an initial implementation of a level 2 construct for EC2 Launch Templates. It is a start that is intended to help get the ball rolling on implementation of Launch Template support within the CDK. It is a step towards resolving aws#6734

Launch Templates have value even without the integrations into Instance and AutoScalingGroup being implemented yet. Thus, the intention with this PR is to solely implement the L2 for LaunchTemplate. Future work in a separate PR would be required to implement its integration into Instance, AutoScalingGroup, and others.

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
mergify bot pushed a commit that referenced this pull request Feb 27, 2023
…chineImege is provided (#23593)

closes #23592

Reading through the discussion in PR #12385, which introduced the original code, I could not find any reason not to create userData when machineImage is provided. They also agreed with the design [here](#12385 (comment)), but it seems it accidentally became out of scope at the time.

This change should not be considered as a breaking change because we are just adding empty userData to launchTemplates whose userData is not specified explicitly, and it will not have any effect on the existing behavior.

* Users who already sets a userData explicitly:
   * will not see any change to their synthesized template, as this PR only modifies userData when it is not set explicitly.
* Users who is not using userData:
   * will see a userData is added to their template. But the userData is empty and does nothing. It should not have any effect on the previous behavior.

----

### All Submissions:

* [X] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md)

### Adding new Construct Runtime Dependencies:

* [ ] This PR adds new construct runtime dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md/#adding-construct-runtime-dependencies)

### New Features

* [X] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/main/INTEGRATION_TESTS.md)?
	* [X] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)?

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
westhouseK pushed a commit to westhouseK/aws-cdk that referenced this pull request Feb 28, 2023
…chineImege is provided (aws#23593)

closes aws#23592

Reading through the discussion in PR aws#12385, which introduced the original code, I could not find any reason not to create userData when machineImage is provided. They also agreed with the design [here](aws#12385 (comment)), but it seems it accidentally became out of scope at the time.

This change should not be considered as a breaking change because we are just adding empty userData to launchTemplates whose userData is not specified explicitly, and it will not have any effect on the existing behavior.

* Users who already sets a userData explicitly:
   * will not see any change to their synthesized template, as this PR only modifies userData when it is not set explicitly.
* Users who is not using userData:
   * will see a userData is added to their template. But the userData is empty and does nothing. It should not have any effect on the previous behavior.

----

### All Submissions:

* [X] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md)

### Adding new Construct Runtime Dependencies:

* [ ] This PR adds new construct runtime dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md/#adding-construct-runtime-dependencies)

### New Features

* [X] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/main/INTEGRATION_TESTS.md)?
	* [X] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)?

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
beck3905 pushed a commit to beck3905/aws-cdk that referenced this pull request Feb 28, 2023
…chineImege is provided (aws#23593)

closes aws#23592

Reading through the discussion in PR aws#12385, which introduced the original code, I could not find any reason not to create userData when machineImage is provided. They also agreed with the design [here](aws#12385 (comment)), but it seems it accidentally became out of scope at the time.

This change should not be considered as a breaking change because we are just adding empty userData to launchTemplates whose userData is not specified explicitly, and it will not have any effect on the existing behavior.

* Users who already sets a userData explicitly:
   * will not see any change to their synthesized template, as this PR only modifies userData when it is not set explicitly.
* Users who is not using userData:
   * will see a userData is added to their template. But the userData is empty and does nothing. It should not have any effect on the previous behavior.

----

### All Submissions:

* [X] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md)

### Adding new Construct Runtime Dependencies:

* [ ] This PR adds new construct runtime dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md/#adding-construct-runtime-dependencies)

### New Features

* [X] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/main/INTEGRATION_TESTS.md)?
	* [X] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)?

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
homakk pushed a commit to homakk/aws-cdk that referenced this pull request Mar 28, 2023
…chineImege is provided (aws#23593)

closes aws#23592

Reading through the discussion in PR aws#12385, which introduced the original code, I could not find any reason not to create userData when machineImage is provided. They also agreed with the design [here](aws#12385 (comment)), but it seems it accidentally became out of scope at the time.

This change should not be considered as a breaking change because we are just adding empty userData to launchTemplates whose userData is not specified explicitly, and it will not have any effect on the existing behavior.

* Users who already sets a userData explicitly:
   * will not see any change to their synthesized template, as this PR only modifies userData when it is not set explicitly.
* Users who is not using userData:
   * will see a userData is added to their template. But the userData is empty and does nothing. It should not have any effect on the previous behavior.

----

### All Submissions:

* [X] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md)

### Adding new Construct Runtime Dependencies:

* [ ] This PR adds new construct runtime dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md/#adding-construct-runtime-dependencies)

### New Features

* [X] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/main/INTEGRATION_TESTS.md)?
	* [X] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)?

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
brighid-bot added a commit to cythral/brighid-commands that referenced this pull request Mar 29, 2023
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [Amazon.CDK.Lib](https://togithub.com/aws/aws-cdk) | nuget | minor |
`2.46.0` -> `2.70.0` |

---

### Release Notes

<details>
<summary>aws/aws-cdk</summary>

### [`v2.70.0`](https://togithub.com/aws/aws-cdk/releases/v2.70.0)

##### Features

- **cfnspec:** cloudformation spec v116.0.0
([#&#8203;24662](https://togithub.com/aws/aws-cdk/issues/24662))
([e8158af](https://togithub.com/aws/aws-cdk/commit/e8158af34eb6402c79edbc171746fb5501775c68))
- **cloudwatch:** added defaultInterval prop to cw-dashboard
([#&#8203;24707](https://togithub.com/aws/aws-cdk/issues/24707))
([d4717cf](https://togithub.com/aws/aws-cdk/commit/d4717cf035c9f7027d8081ea1f15a631044315e8))
- **ec2:** CFN-init support for systemd
([#&#8203;24683](https://togithub.com/aws/aws-cdk/issues/24683))
([f3fe8e1](https://togithub.com/aws/aws-cdk/commit/f3fe8e1c4348194f89b47a276e6c85328b1044fa))
- **ec2:** SSM sessions
([#&#8203;24673](https://togithub.com/aws/aws-cdk/issues/24673))
([9744a82](https://togithub.com/aws/aws-cdk/commit/9744a8295fab28f1e8c38a0b980935f7546990e6))
- **ecr:** add option to auto delete images upon ECR repository removal
([#&#8203;24572](https://togithub.com/aws/aws-cdk/issues/24572))
([7de5b00](https://togithub.com/aws/aws-cdk/commit/7de5b00dcf24c4f6721317860c7e42c485e3ca58)),
closes [#&#8203;15932](https://togithub.com/aws/aws-cdk/issues/15932)
[#&#8203;12618](https://togithub.com/aws/aws-cdk/issues/12618)
[#&#8203;15932](https://togithub.com/aws/aws-cdk/issues/15932)
- **elasticloadbalancing:** classic load balancer supports ec2 instances
([#&#8203;24353](https://togithub.com/aws/aws-cdk/issues/24353))
([25b6edd](https://togithub.com/aws/aws-cdk/commit/25b6edd9d83e4766a2cb064b8eb8e3c6198b4f53)),
closes [#&#8203;23500](https://togithub.com/aws/aws-cdk/issues/23500)
- **servicecatalogappregistry-alpha:** Introduce flag to control
application sharing and association behavior for cross-account stacks
([#&#8203;24408](https://togithub.com/aws/aws-cdk/issues/24408))
([2167289](https://togithub.com/aws/aws-cdk/commit/2167289658e8f3431ec815c741277dc1be1aa110)),
closes
[aws-cdk/aws-servicecatalogappregistry/lib/aspects/stack-associator.ts#L91-L95](https://togithub.com/aws-cdk/aws-servicecatalogappregistry/lib/aspects/stack-associator.ts/issues/L91-L95)

##### Bug Fixes

- **bootstrap:** remove Security Hub finding KMS.2
([#&#8203;24588](https://togithub.com/aws/aws-cdk/issues/24588))
([274c3d5](https://togithub.com/aws/aws-cdk/commit/274c3d54dcc0b9534d1ede287fe3672ec9883dbe)),
closes
[/docs.aws.amazon.com/securityhub/latest/userguide/kms-controls.html#kms-2](https://togithub.com/aws//docs.aws.amazon.com/securityhub/latest/userguide/kms-controls.html/issues/kms-2)
- **cli:** no change deployment prints "hotswap deployment skipped"
without hotswap flag
([#&#8203;24602](https://togithub.com/aws/aws-cdk/issues/24602))
([79151fd](https://togithub.com/aws/aws-cdk/commit/79151fd7f4916defeb1e17d3bcdbec1e119ec994))
- **cli:** user agent is reported as `undefined/undefined`
([#&#8203;24663](https://togithub.com/aws/aws-cdk/issues/24663))
([3e8d8d8](https://togithub.com/aws/aws-cdk/commit/3e8d8d8e1b9a88376a6460094dea0c08ce19742e))
- **eks:** fail to update cluster by disabling logging props
([#&#8203;24688](https://togithub.com/aws/aws-cdk/issues/24688))
([767cf93](https://togithub.com/aws/aws-cdk/commit/767cf93eb131c707f8243e8f3779dd3bad89271a))
- **sfn:** stop replacing JsonPath.DISCARD with `null`
([#&#8203;24717](https://togithub.com/aws/aws-cdk/issues/24717))
([413b643](https://togithub.com/aws/aws-cdk/commit/413b64347f333573b2a07150e87244bd4c11d264)),
closes [#&#8203;24593](https://togithub.com/aws/aws-cdk/issues/24593)
- **toolkit:** RWLock.acquireRead is not re-entrant
([#&#8203;24702](https://togithub.com/aws/aws-cdk/issues/24702))
([3b7431b](https://togithub.com/aws/aws-cdk/commit/3b7431b6ac27f8557c22a8959ae1ce431f6d2167))
- **WAFv2:** add patch to revert struct names
([#&#8203;24651](https://togithub.com/aws/aws-cdk/issues/24651))
([dfa09d1](https://togithub.com/aws/aws-cdk/commit/dfa09d133523f0457a9ab2369bde13b44c398c30)),
closes
[/github.com/aws/aws-cdk/commit/affe040c8443be074822254d1e75a28b264cd801#diff-827a2fd012e049c7ccedffa0360c12e7d967a173f36b8150de73ef6adc42ee4cL175-L357](https://togithub.com/aws//github.com/aws/aws-cdk/commit/affe040c8443be074822254d1e75a28b264cd801/issues/diff-827a2fd012e049c7ccedffa0360c12e7d967a173f36b8150de73ef6adc42ee4cL175-L357)

***

#### Alpha modules (2.70.0-alpha.0)

##### ⚠ BREAKING CHANGES TO EXPERIMENTAL FEATURES

- **servicecatalogappregistry:** This commit contains destructive
changes to the RAM Share.
Since the application RAM share name is calculated by the application
construct, where one method is added. Integration test detects a
breaking change where RAM share will be created. Integration test
snapshot is updated to cater this destructive change.

##### Features

- **servicecatalogappregistry:** add attribute groups to an application
([#&#8203;24672](https://togithub.com/aws/aws-cdk/issues/24672))
([7baffa2](https://togithub.com/aws/aws-cdk/commit/7baffa239a7904cd73ac73537101ed5bd40aa9a0))

### [`v2.69.0`](https://togithub.com/aws/aws-cdk/releases/v2.69.0)

##### Features

- **custom-resources:** AwsCustomResource copy physicalResourceId from
request when omit it in onUpdate
([#&#8203;24194](https://togithub.com/aws/aws-cdk/issues/24194))
([21ad7a7](https://togithub.com/aws/aws-cdk/commit/21ad7a7a0462a00c491ed104163d2065828a9aa1)),
closes [#&#8203;23843](https://togithub.com/aws/aws-cdk/issues/23843)
- **docdb:** added ability to enable performance insights
([#&#8203;24039](https://togithub.com/aws/aws-cdk/issues/24039))
([c897f44](https://togithub.com/aws/aws-cdk/commit/c897f44ea438487a8bf48053dead667c35cade02)),
closes [#&#8203;24036](https://togithub.com/aws/aws-cdk/issues/24036)
- **ecr-assets:** Support cache-from and cache-to flags
([#&#8203;24024](https://togithub.com/aws/aws-cdk/issues/24024))
([4e02566](https://togithub.com/aws/aws-cdk/commit/4e02566fab0f6c6708c9ee766e2805adbb329f18))
- **eks:** support for Kubernetes version 1.25
([#&#8203;24484](https://togithub.com/aws/aws-cdk/issues/24484))
([70fd3e9](https://togithub.com/aws/aws-cdk/commit/70fd3e97e5b3555f4036ada6e562cec4359cadeb)),
closes [#&#8203;24282](https://togithub.com/aws/aws-cdk/issues/24282)
- **rds:** add support for minor versions of PostgreSQL: 14.7, 13.10,
12.14, and 11.19
([#&#8203;24539](https://togithub.com/aws/aws-cdk/issues/24539))
([15cb919](https://togithub.com/aws/aws-cdk/commit/15cb919fab9d20d0e8f0485662131cbb10980269))
- **rds:** PostgreSQL engine version 15.2
([#&#8203;24463](https://togithub.com/aws/aws-cdk/issues/24463))
([59d795b](https://togithub.com/aws/aws-cdk/commit/59d795b6e8d77b2d2d099169eaeb83a66c9d6a1a)),
closes [#&#8203;24462](https://togithub.com/aws/aws-cdk/issues/24462)

##### Bug Fixes

- **custom-resource:** custom resources fail with data containing
multi-byte utf8 chars
([#&#8203;24501](https://togithub.com/aws/aws-cdk/issues/24501))
([9bd5078](https://togithub.com/aws/aws-cdk/commit/9bd507842f567ee3e450c3f44e5c3dccc7c42ae6)),
closes [#&#8203;24491](https://togithub.com/aws/aws-cdk/issues/24491)
- **ecr-assets:** prefix cache arguments correctly
([#&#8203;24524](https://togithub.com/aws/aws-cdk/issues/24524))
([d451b30](https://togithub.com/aws/aws-cdk/commit/d451b3014a1d39e0a6ea18c2ec79a547b187adc5))
- **pipelines:** Ubuntu 5 images will be slow, move to Ubuntu 6
([#&#8203;24544](https://togithub.com/aws/aws-cdk/issues/24544))
([1f62c43](https://togithub.com/aws/aws-cdk/commit/1f62c438fb68332a492b624bad65159cc9c0308f))
- **sfn:** can't override toStateJson() from other languages
([#&#8203;24593](https://togithub.com/aws/aws-cdk/issues/24593))
([e955d18](https://togithub.com/aws/aws-cdk/commit/e955d18052b8ec397c06ae6994b96bb7558e12bb)),
closes [#&#8203;14639](https://togithub.com/aws/aws-cdk/issues/14639)

***

#### Alpha modules (2.69.0-alpha.0)

##### Features

- **kinesisanalytics-flink:** VPC support for Flink applications
([#&#8203;24442](https://togithub.com/aws/aws-cdk/issues/24442))
([7c7ad6d](https://togithub.com/aws/aws-cdk/commit/7c7ad6d18bd0d48a30858c1964d27d8a02b274ae)),
closes
[40aws-cdk/aws-lambda/lib/function.ts#L170](https://togithub.com/40aws-cdk/aws-lambda/lib/function.ts/issues/L170)
[#&#8203;21104](https://togithub.com/aws/aws-cdk/issues/21104)

### [`v2.68.0`](https://togithub.com/aws/aws-cdk/releases/v2.68.0)

##### Bug Fixes

- **apprunner-alpha:** env vars and secrets can't solely be added via
.add\*() methods
([#&#8203;24346](https://togithub.com/aws/aws-cdk/issues/24346))
([45195b6](https://togithub.com/aws/aws-cdk/commit/45195b6f2e5162eaa795d3a412d89dd09680aa8b)),
closes [#&#8203;24345](https://togithub.com/aws/aws-cdk/issues/24345)
- **cli:** cannot `cdk import` resources with multiple identifiers
([#&#8203;24439](https://togithub.com/aws/aws-cdk/issues/24439))
([a70ff1a](https://togithub.com/aws/aws-cdk/commit/a70ff1ad332af780c052e3117b73df060deee7ae)),
closes [#&#8203;20895](https://togithub.com/aws/aws-cdk/issues/20895)
- **core:** Fix dotnet version check to allow .NET 7.0
([#&#8203;24467](https://togithub.com/aws/aws-cdk/issues/24467))
([a4856e9](https://togithub.com/aws/aws-cdk/commit/a4856e997684f84476fe92e00afcd4da76a69b04)),
closes [#&#8203;24466](https://togithub.com/aws/aws-cdk/issues/24466)
- **lambda-nodejs:** esbuild preCompilation tsconfig precedence is wrong
([#&#8203;23871](https://togithub.com/aws/aws-cdk/issues/23871))
([790a709](https://togithub.com/aws/aws-cdk/commit/790a709d758333f4622c5fb860d9bbb48dee7106))
- **lambda-nodejs:** Required auto prefix of `handler` with `index.`
breaks custom non-`index` handler settings used by layers
([#&#8203;24406](https://togithub.com/aws/aws-cdk/issues/24406))
([d7a1c34](https://togithub.com/aws/aws-cdk/commit/d7a1c34e540e12413319918a5d807060057a1a1b)),
closes [#&#8203;24403](https://togithub.com/aws/aws-cdk/issues/24403)
- **rds:** add clusterResourceIdentifier property to database cluster
([#&#8203;23605](https://togithub.com/aws/aws-cdk/issues/23605))
([6bda4e5](https://togithub.com/aws/aws-cdk/commit/6bda4e5ae4205a917a00714433f136550c59e409))

***

#### Alpha modules (2.68.0-alpha.0)

##### ⚠ BREAKING CHANGES TO EXPERIMENTAL FEATURES

- **servicecatalogappregistry:** This commit contains destructive
changes to the RAM Share.
Since the application RAM share name is calculated by the application
construct, where one property is removed. Integration test detects a
breaking change where RAM share will be created. Integration test
snapshot is updated to cater this destructive change.

##### Features

- **msk:** add Kafka version 3.3.2
([#&#8203;24440](https://togithub.com/aws/aws-cdk/issues/24440))
([1b2014e](https://togithub.com/aws/aws-cdk/commit/1b2014eef9e3f2190b2cce79c55f635cc1f167e3)),
closes [#&#8203;24432](https://togithub.com/aws/aws-cdk/issues/24432)
- **redshift:** column compression encodings and comments can now be
customised
([#&#8203;24177](https://togithub.com/aws/aws-cdk/issues/24177))
([1ca3e00](https://togithub.com/aws/aws-cdk/commit/1ca3e0027323e84aacade4d9bd058bbc5687a7ab)),
closes [#&#8203;24165](https://togithub.com/aws/aws-cdk/issues/24165)
[#&#8203;23597](https://togithub.com/aws/aws-cdk/issues/23597)
[#&#8203;22506](https://togithub.com/aws/aws-cdk/issues/22506)
- **redshift:** columns require an id attribute (under feature flag)
([#&#8203;24272](https://togithub.com/aws/aws-cdk/issues/24272))
([9a07ab0](https://togithub.com/aws/aws-cdk/commit/9a07ab008d1b6d23e9a302921f1a5165a21fb128)),
closes [#&#8203;24234](https://togithub.com/aws/aws-cdk/issues/24234)

##### Bug Fixes

- **servicecatalogappregistry:** allow disabling automatic CfnOutput
([#&#8203;24483](https://togithub.com/aws/aws-cdk/issues/24483))
([3db1a0d](https://togithub.com/aws/aws-cdk/commit/3db1a0d0bcf615871a225919eed235b78904e144)),
closes [#&#8203;23779](https://togithub.com/aws/aws-cdk/issues/23779)
- **servicecatalogappregistry:** Associate an application with attribute
group ([#&#8203;24378](https://togithub.com/aws/aws-cdk/issues/24378))
([d1264c1](https://togithub.com/aws/aws-cdk/commit/d1264c1c414257fb8dd5288fdc24cfe9605cdf90))

### [`v2.67.0`](https://togithub.com/aws/aws-cdk/releases/v2.67.0)

##### Features

- **apigateway:** minCompressionSize on SpecRestApi
([#&#8203;24067](https://togithub.com/aws/aws-cdk/issues/24067))
([2a81f0f](https://togithub.com/aws/aws-cdk/commit/2a81f0f7d9eb73cd0e807904357a5daf7d6e5017)),
closes [#&#8203;22926](https://togithub.com/aws/aws-cdk/issues/22926)
- **bootstrap:** prevent accidental bootstrap overwrites
([#&#8203;24302](https://togithub.com/aws/aws-cdk/issues/24302))
([3b251a5](https://togithub.com/aws/aws-cdk/commit/3b251a5e8e74332076c9e5dc810a80775fa77d61))
- **cli:** update csharp & fsharp template to net6.0
([#&#8203;23926](https://togithub.com/aws/aws-cdk/issues/23926))
([3bd611d](https://togithub.com/aws/aws-cdk/commit/3bd611dcbdf802dbc918d0ecedaf3ac3d9d73503)),
closes [#&#8203;23921](https://togithub.com/aws/aws-cdk/issues/23921)
- **codebuild:** adds file asset support to build-spec
([#&#8203;24289](https://togithub.com/aws/aws-cdk/issues/24289))
([7cda567](https://togithub.com/aws/aws-cdk/commit/7cda5673fd3f6c5cd56ea59d71b14115f2a388f2)),
closes [#&#8203;1138](https://togithub.com/aws/aws-cdk/issues/1138)
- **ecs:** enable default capacity provider strategy
([#&#8203;23955](https://togithub.com/aws/aws-cdk/issues/23955))
([5a30ea6](https://togithub.com/aws/aws-cdk/commit/5a30ea6536df0fda0e0e7bb89d45666f57fb8890))
- **eks:** add helm flag --skip-crds
([#&#8203;24213](https://togithub.com/aws/aws-cdk/issues/24213))
([f68dbc2](https://togithub.com/aws/aws-cdk/commit/f68dbc2ce76a2df51081e959aa70e373a9bf5ac6)),
closes [#&#8203;24296](https://togithub.com/aws/aws-cdk/issues/24296)
- **sns:** Add FilterPolicyScope support
([#&#8203;23108](https://togithub.com/aws/aws-cdk/issues/23108))
([d986e14](https://togithub.com/aws/aws-cdk/commit/d986e143df3cf9b42031eba0f5a2d9a71d6d9208))
- **stepfunctions-tasks:** add revision number
([#&#8203;24226](https://togithub.com/aws/aws-cdk/issues/24226))
([643042b](https://togithub.com/aws/aws-cdk/commit/643042b8a15779b8a535567085b31424f4373515)),
closes [#&#8203;23491](https://togithub.com/aws/aws-cdk/issues/23491)

##### Bug Fixes

- **cdk-assets:** Error when building Docker Image Assets with Podman
([#&#8203;24003](https://togithub.com/aws/aws-cdk/issues/24003))
([4b08e20](https://togithub.com/aws/aws-cdk/commit/4b08e20be3b829c752e425883da09188b2dcff72)),
closes
[/github.com/aws/aws-cdk/issues/16209#issue-978267269](https://togithub.com/aws//github.com/aws/aws-cdk/issues/16209/issues/issue-978267269)
[#&#8203;16209](https://togithub.com/aws/aws-cdk/issues/16209)
- **cloudwatch:** math expressions incorrectly warn about search and
metrics ([#&#8203;24313](https://togithub.com/aws/aws-cdk/issues/24313))
([f3596eb](https://togithub.com/aws/aws-cdk/commit/f3596eb26f1e4ab360875bf5f79a7de991d2a9ec)),
closes [#&#8203;20136](https://togithub.com/aws/aws-cdk/issues/20136)
- **ec2:** userData in launchTemplate is created automatically when
machineImege is provided
([#&#8203;23593](https://togithub.com/aws/aws-cdk/issues/23593))
([bb4311b](https://togithub.com/aws/aws-cdk/commit/bb4311bf05b64cc95a89a319743e3883fd3c5b15)),
closes [#&#8203;23592](https://togithub.com/aws/aws-cdk/issues/23592)
[/github.com/aws/aws-cdk/pull/12385#discussion_r564614928](https://togithub.com/aws//github.com/aws/aws-cdk/pull/12385/issues/discussion_r564614928)
- **ecr-assets:** fix repeated deploys of stacks with tar assets
([#&#8203;23497](https://togithub.com/aws/aws-cdk/issues/23497))
([c2296a8](https://togithub.com/aws/aws-cdk/commit/c2296a87116c7bbaf6103a03364326c760a8f952)),
closes [#&#8203;18823](https://togithub.com/aws/aws-cdk/issues/18823)
[#&#8203;18822](https://togithub.com/aws/aws-cdk/issues/18822)
- **efs:** support tagging for access point
([#&#8203;24336](https://togithub.com/aws/aws-cdk/issues/24336))
([f9af47f](https://togithub.com/aws/aws-cdk/commit/f9af47f1fe48e66412d95f3eeef931c9322ba5b7)),
closes [#&#8203;20743](https://togithub.com/aws/aws-cdk/issues/20743)
- **eks:** changing the subnets or securityGroupIds order causes an
error ([#&#8203;24163](https://togithub.com/aws/aws-cdk/issues/24163))
([09c2c19](https://togithub.com/aws/aws-cdk/commit/09c2c19f22979482020652d902a73dfcc4e593bd)),
closes [#&#8203;24162](https://togithub.com/aws/aws-cdk/issues/24162)
- **eks:** fix helm deploy login for public ECR repositories
([#&#8203;24104](https://togithub.com/aws/aws-cdk/issues/24104))
([71ec6b6](https://togithub.com/aws/aws-cdk/commit/71ec6b660cf5062c12c5205dadfc28f893251e4f)),
closes [#&#8203;23977](https://togithub.com/aws/aws-cdk/issues/23977)
- **eks:** integ tests errors
([#&#8203;24276](https://togithub.com/aws/aws-cdk/issues/24276))
([07f2d7b](https://togithub.com/aws/aws-cdk/commit/07f2d7b0b947cec31ed3132b95372b9975efa01e))
- **secretsmanager:** secret resource policy already exists in stack
(under feature flag)
([#&#8203;24365](https://togithub.com/aws/aws-cdk/issues/24365))
([7dd8b7e](https://togithub.com/aws/aws-cdk/commit/7dd8b7e1ce88a13e597e52ff95353d74ab4807f1)),
closes [#&#8203;24383](https://togithub.com/aws/aws-cdk/issues/24383)
- **servicecatalog:** wrong asset path is generated in case outdir is
absolute
([#&#8203;24393](https://togithub.com/aws/aws-cdk/issues/24393))
([0ebbf58](https://togithub.com/aws/aws-cdk/commit/0ebbf58bdd3307f536334beb5d1153e3ef660f18)),
closes [#&#8203;24392](https://togithub.com/aws/aws-cdk/issues/24392)
- **sns:** sns subscription filter policy condition limit should be 150
([#&#8203;24269](https://togithub.com/aws/aws-cdk/issues/24269))
([1e1131c](https://togithub.com/aws/aws-cdk/commit/1e1131c207de2df7d5881a57cc28daa59bad975a))
- Correct SamlConsolePrincipal for non-China
([#&#8203;24277](https://togithub.com/aws/aws-cdk/issues/24277))
([e47646c](https://togithub.com/aws/aws-cdk/commit/e47646c0ff317a421b2f042158fcc0c7ae1aa2cf)),
closes [#&#8203;24243](https://togithub.com/aws/aws-cdk/issues/24243)

***

#### Alpha modules (2.67.0-alpha.0)

##### Features

- **msk:** add Kafka versions 3.1.1, 3.2.0, and and 3.3.1
([#&#8203;23918](https://togithub.com/aws/aws-cdk/issues/23918))
([53a1d5f](https://togithub.com/aws/aws-cdk/commit/53a1d5fd81eabf5e9d846411754a554549f9f62c)),
closes [#&#8203;23899](https://togithub.com/aws/aws-cdk/issues/23899)

##### Bug Fixes

- **servicecatalogappregistry:** applicationName can not be changed
after deployment
([#&#8203;24409](https://togithub.com/aws/aws-cdk/issues/24409))
([6aa763f](https://togithub.com/aws/aws-cdk/commit/6aa763f100e5561f4554627116a458abba930480))

### [`v2.66.1`](https://togithub.com/aws/aws-cdk/releases/v2.66.1)

##### Bug Fixes

- Correct SamlConsolePrincipal for non-China
([#&#8203;24277](https://togithub.com/aws/aws-cdk/issues/24277))
([d562871](https://togithub.com/aws/aws-cdk/commit/d562871824350483e80bf6a28868280381e9e83e)),
closes [#&#8203;24243](https://togithub.com/aws/aws-cdk/issues/24243)

***

#### Alpha modules (2.66.1-alpha.0)

### [`v2.66.0`](https://togithub.com/aws/aws-cdk/releases/v2.66.0)

##### Features

- **cloudwatch:** parse all metrics statistics and support long format
([#&#8203;23095](https://togithub.com/aws/aws-cdk/issues/23095))
([853e3d6](https://togithub.com/aws/aws-cdk/commit/853e3d631ef0490b0e2d14fdcf50df9f745de3eb)),
closes [#&#8203;23074](https://togithub.com/aws/aws-cdk/issues/23074)
[40aws-cdk/aws-cloudwatch/lib/metric.ts#L295-L296](https://togithub.com/40aws-cdk/aws-cloudwatch/lib/metric.ts/issues/L295-L296)
- **core:** Size.bytes()
([#&#8203;24136](https://togithub.com/aws/aws-cdk/issues/24136))
([9b2a45a](https://togithub.com/aws/aws-cdk/commit/9b2a45a6757c91011f47a6b3893cdfa0f4891002)),
closes [#&#8203;24106](https://togithub.com/aws/aws-cdk/issues/24106)
- **efs:** support file system policy
([#&#8203;24196](https://togithub.com/aws/aws-cdk/issues/24196))
([5e0f44b](https://togithub.com/aws/aws-cdk/commit/5e0f44b05232c70f35f79d27f1294f943fbeb568)),
closes [#&#8203;24042](https://togithub.com/aws/aws-cdk/issues/24042)
- **logs:** Add support for multiple parse and filter statements in
QueryString
([#&#8203;24022](https://togithub.com/aws/aws-cdk/issues/24022))
([75eb933](https://togithub.com/aws/aws-cdk/commit/75eb9330194824cdf435ae64095813191fcd6e13))
- **stepfunctions:** removal policy for state machines
([#&#8203;24105](https://togithub.com/aws/aws-cdk/issues/24105))
([5f33a26](https://togithub.com/aws/aws-cdk/commit/5f33a26937a78a7d28f913e86c3a2d0b00746e6a))

##### Bug Fixes

- **apigateway:** rest api deployment does not depend on authorizers
([#&#8203;23215](https://togithub.com/aws/aws-cdk/issues/23215))
([12e13c1](https://togithub.com/aws/aws-cdk/commit/12e13c130cac347d5d042d414086e9e5aac5e31c))
- **cognito:** changing `installLatestAwsSdk` breaks Client Secret
reference
([#&#8203;23798](https://togithub.com/aws/aws-cdk/issues/23798))
([844d407](https://togithub.com/aws/aws-cdk/commit/844d4076c142fd88095f36dbc667d85c12e20bd5)),
closes [#&#8203;23796](https://togithub.com/aws/aws-cdk/issues/23796)
- **ecs:** validate ecs healthcheck
([#&#8203;24197](https://togithub.com/aws/aws-cdk/issues/24197))
([89802a9](https://togithub.com/aws/aws-cdk/commit/89802a95360d698921c81a152d11ab6e46b00de3))
- **eks:** nested OCI repository names for private ECR helmchart
deployments are not properly handled
([#&#8203;23378](https://togithub.com/aws/aws-cdk/issues/23378))
([72f2a95](https://togithub.com/aws/aws-cdk/commit/72f2a95e994ef1b129a48bd548303ea39a3d3c9f))
- **lambda:** RuntimeManagementMode.FUNCTION_UPDATE has wrong value
([#&#8203;24252](https://togithub.com/aws/aws-cdk/issues/24252))
([fdb0cf1](https://togithub.com/aws/aws-cdk/commit/fdb0cf13c0b18a436c02a272626ce9f9dde9c343))

***

#### Alpha modules (2.66.0-alpha.0)

##### Features

- **apigatewayv2:** allow websockets routes to return response to client
([#&#8203;22984](https://togithub.com/aws/aws-cdk/issues/22984))
([f8fe1d2](https://togithub.com/aws/aws-cdk/commit/f8fe1d292feb3fc39a99687bf454a829302c4ff5))
- **lambda-python:** add optional poetry bundling exclusion list
parameter
([#&#8203;23670](https://togithub.com/aws/aws-cdk/issues/23670))
([53beeae](https://togithub.com/aws/aws-cdk/commit/53beeaed04bfe295e9f840e65f9c89db00cac692)),
closes [#&#8203;22585](https://togithub.com/aws/aws-cdk/issues/22585)
[#&#8203;22585](https://togithub.com/aws/aws-cdk/issues/22585)
- **redshift:** optionally reboot Clusters to apply parameter changes
([#&#8203;22063](https://togithub.com/aws/aws-cdk/issues/22063))
([f61d950](https://togithub.com/aws/aws-cdk/commit/f61d950aaeba13bd6501b7c8971a9115f4a53f08)),
closes [#&#8203;22009](https://togithub.com/aws/aws-cdk/issues/22009)
[#&#8203;22055](https://togithub.com/aws/aws-cdk/issues/22055)
[#&#8203;22059](https://togithub.com/aws/aws-cdk/issues/22059)

##### Bug Fixes

- **servicecatalogappregistry:** Allow user to control stack id via
stack name for Application stack
([#&#8203;24171](https://togithub.com/aws/aws-cdk/issues/24171))
([0c7c7e4](https://togithub.com/aws/aws-cdk/commit/0c7c7e4a7c34957ff7877eda5171f82c5feaba1d)),
closes [#&#8203;24160](https://togithub.com/aws/aws-cdk/issues/24160)

### [`v2.65.0`](https://togithub.com/aws/aws-cdk/releases/v2.65.0)

##### Features

- **autoscaling:** L2 construct for enabling capacity rebalance of
autoscaling
([#&#8203;24025](https://togithub.com/aws/aws-cdk/issues/24025))
([d2c63f5](https://togithub.com/aws/aws-cdk/commit/d2c63f55f8657315ad4e4dd463cfcae07cb66e53)),
closes [#&#8203;22625](https://togithub.com/aws/aws-cdk/issues/22625)
- **chatbot:** support guardrail policies
([#&#8203;24114](https://togithub.com/aws/aws-cdk/issues/24114))
([4c72a7d](https://togithub.com/aws/aws-cdk/commit/4c72a7dc3994ba190f1e1aa467d3087228bcb881)),
closes [#&#8203;20788](https://togithub.com/aws/aws-cdk/issues/20788)
- **core:** Allow passing Docker build secrets
([#&#8203;23778](https://togithub.com/aws/aws-cdk/issues/23778))
([74512fa](https://togithub.com/aws/aws-cdk/commit/74512fa339e0a2937213f519c109ef1207e9d0c6)),
closes [#&#8203;14910](https://togithub.com/aws/aws-cdk/issues/14910)
[#&#8203;14395](https://togithub.com/aws/aws-cdk/issues/14395)
- **elbv2:** add metrics to INetworkTargetGroup and
IApplicationTargetGroup
([#&#8203;23993](https://togithub.com/aws/aws-cdk/issues/23993))
([6a9e43f](https://togithub.com/aws/aws-cdk/commit/6a9e43f0c6f966df4671267eeda21638611dfb1c)),
closes [#&#8203;23853](https://togithub.com/aws/aws-cdk/issues/23853)
[#&#8203;10850](https://togithub.com/aws/aws-cdk/issues/10850)
- **lambda:** add insights version 1.0.178.0
([#&#8203;23836](https://togithub.com/aws/aws-cdk/issues/23836))
([5272908](https://togithub.com/aws/aws-cdk/commit/527290854d0fa31e7f41497ede0c1b8b0e1b9ad4))

##### Bug Fixes

- **bootstrap:** remove Security Hub finding S3.10
([#&#8203;24175](https://togithub.com/aws/aws-cdk/issues/24175))
([a1da757](https://togithub.com/aws/aws-cdk/commit/a1da757ce348b4bd66a6d0e7776f2ff8e9f531b6)),
closes
[/docs.aws.amazon.com/securityhub/latest/userguide/securityhub-standards-fsbp-controls.html#fsbp-s3-10](https://togithub.com/aws//docs.aws.amazon.com/securityhub/latest/userguide/securityhub-standards-fsbp-controls.html/issues/fsbp-s3-10)
- **codedeploy:** unable to remove alarms from deployment group
([#&#8203;23308](https://togithub.com/aws/aws-cdk/issues/23308))
([eee005f](https://togithub.com/aws/aws-cdk/commit/eee005f4949d7438467c7448ba8326efa4b79221))
- **codepipeline:** x-env ECS deployment lacking support
stack-dependency
([#&#8203;24053](https://togithub.com/aws/aws-cdk/issues/24053))
([adfe4fa](https://togithub.com/aws/aws-cdk/commit/adfe4fa137bb748961b4a767d538335490e13ed1)),
closes [#&#8203;24050](https://togithub.com/aws/aws-cdk/issues/24050)
[#&#8203;24051](https://togithub.com/aws/aws-cdk/issues/24051)
- **core:** messages are displayed multiple times per construct
([#&#8203;24019](https://togithub.com/aws/aws-cdk/issues/24019))
([57770bb](https://togithub.com/aws/aws-cdk/commit/57770bb12ea6d77373f1e9e8e04f6757b440f277)),
closes [#&#8203;9565](https://togithub.com/aws/aws-cdk/issues/9565)
- **ec2:** enable set throughput param to CfnVolume
([#&#8203;24118](https://togithub.com/aws/aws-cdk/issues/24118))
([32781f8](https://togithub.com/aws/aws-cdk/commit/32781f825352f9cb43d8fed5c122b454275b3076)),
closes [#&#8203;24107](https://togithub.com/aws/aws-cdk/issues/24107)
[#&#8203;24107](https://togithub.com/aws/aws-cdk/issues/24107)
- **elbv2:** healthcheck interval is overly restrictive
([#&#8203;24157](https://togithub.com/aws/aws-cdk/issues/24157))
([4f83e02](https://togithub.com/aws/aws-cdk/commit/4f83e02b85229ebdff3f32ba6fd662ffd707d8db)),
closes [#&#8203;24156](https://togithub.com/aws/aws-cdk/issues/24156)
- **iam:** PrincipalWithConditions.addCondition fails with a new key
([#&#8203;23782](https://togithub.com/aws/aws-cdk/issues/23782))
([8951d01](https://togithub.com/aws/aws-cdk/commit/8951d013bea5dad54b94a6a683f56275ff4e6dba)),
closes [#&#8203;23781](https://togithub.com/aws/aws-cdk/issues/23781)
- **iam:** SamlConsolePrincipal does not work in China
[#&#8203;22091](https://togithub.com/aws/aws-cdk/issues/22091)
([#&#8203;24034](https://togithub.com/aws/aws-cdk/issues/24034))
([2902043](https://togithub.com/aws/aws-cdk/commit/29020435aeb1a9fb6401572520d0adca8155dc60))
- **pipelines:** SelfMutation CodeBuild project not accessible
([#&#8203;24073](https://togithub.com/aws/aws-cdk/issues/24073))
([5942978](https://togithub.com/aws/aws-cdk/commit/594297862f2626b64b174d6998886a40f1b316be))
- **rds:** database proxies use ids as their resource names directly
(under feature flag)
([#&#8203;23703](https://togithub.com/aws/aws-cdk/issues/23703))
([03a0f79](https://togithub.com/aws/aws-cdk/commit/03a0f79b40e3be95de5421370703eb54c06b7dd7)),
closes [#&#8203;18578](https://togithub.com/aws/aws-cdk/issues/18578)
- **s3:** logging bucket blocks KMS_MANAGED encryption
([#&#8203;23514](https://togithub.com/aws/aws-cdk/issues/23514))
([1e8926f](https://togithub.com/aws/aws-cdk/commit/1e8926fa9bcf561135beaa31379ec1f1e6f79901))

***

#### Alpha modules (2.65.0-alpha.0)

##### Features

- **glue:** support Ray jobs
([#&#8203;23822](https://togithub.com/aws/aws-cdk/issues/23822))
([8de50d6](https://togithub.com/aws/aws-cdk/commit/8de50d624c8703a12713dcffbc764688868f22b0))
- **redshift:** IAM roles can be attached to a cluster, post creation
([#&#8203;23791](https://togithub.com/aws/aws-cdk/issues/23791))
([1a46808](https://togithub.com/aws/aws-cdk/commit/1a46808b03e8f6d09846f999ae3dc65b190f5f26)),
closes [#&#8203;22632](https://togithub.com/aws/aws-cdk/issues/22632)
- **synthetics:** support runtime 3.9
([#&#8203;24101](https://togithub.com/aws/aws-cdk/issues/24101))
([9d23cad](https://togithub.com/aws/aws-cdk/commit/9d23caded8aca42d3b78de1bc7e89c38a4d6805e))

### [`v2.64.0`](https://togithub.com/aws/aws-cdk/releases/v2.64.0)

##### Features

- **cfnspec:** cloudformation spec v109.0.0
([#&#8203;23968](https://togithub.com/aws/aws-cdk/issues/23968))
([5d59134](https://togithub.com/aws/aws-cdk/commit/5d5913455da2cdb834feef708fb01f9e77df656f))
- **cfnspec:** cloudformation spec v109.0.0
([#&#8203;23984](https://togithub.com/aws/aws-cdk/issues/23984))
([affe040](https://togithub.com/aws/aws-cdk/commit/affe040c8443be074822254d1e75a28b264cd801))
- **cli:** --hotswap will not use CFN anymore, --hotswap-fallback to
fall back if necessary
([#&#8203;23653](https://togithub.com/aws/aws-cdk/issues/23653))
([a5317ca](https://togithub.com/aws/aws-cdk/commit/a5317ca52f05ebc34d9f22196ab0ef36d5cac967)),
closes [#&#8203;22784](https://togithub.com/aws/aws-cdk/issues/22784)
[#&#8203;21773](https://togithub.com/aws/aws-cdk/issues/21773)
[#&#8203;21556](https://togithub.com/aws/aws-cdk/issues/21556)
[#&#8203;23640](https://togithub.com/aws/aws-cdk/issues/23640)
- **elbv2:** add metrics to INetworkLoadBalancer and
IApplicationLoadBalancer
([#&#8203;23853](https://togithub.com/aws/aws-cdk/issues/23853))
([cb889bc](https://togithub.com/aws/aws-cdk/commit/cb889bc2c267654ca97e3d85a16a99a667d3584c)),
closes [#&#8203;10850](https://togithub.com/aws/aws-cdk/issues/10850)
- **iam:** implement IGrantable to Policy and ManagedPolicy
([#&#8203;22712](https://togithub.com/aws/aws-cdk/issues/22712))
([d3df40f](https://togithub.com/aws/aws-cdk/commit/d3df40ff89c70b9243ec175747eb398368067095)),
closes [#&#8203;10308](https://togithub.com/aws/aws-cdk/issues/10308)
- **lambda:** enable RuntimeManagementConfig
([#&#8203;23891](https://togithub.com/aws/aws-cdk/issues/23891))
([be4f971](https://togithub.com/aws/aws-cdk/commit/be4f97129f4237b39d0b99977eb597e2af49ed2a)),
closes [#&#8203;23890](https://togithub.com/aws/aws-cdk/issues/23890)
- **s3:** allow configuring S3 Object Lock
([#&#8203;23744](https://togithub.com/aws/aws-cdk/issues/23744))
([bdcd6c8](https://togithub.com/aws/aws-cdk/commit/bdcd6c890878fb71c480bf40964f1b6ea0a5f270)),
closes [#&#8203;5247](https://togithub.com/aws/aws-cdk/issues/5247)
[#&#8203;21738](https://togithub.com/aws/aws-cdk/issues/21738)

##### Bug Fixes

- Use the correct LB full name when creating metrics for imported LBs
([#&#8203;23972](https://togithub.com/aws/aws-cdk/issues/23972))
([16c23b7](https://togithub.com/aws/aws-cdk/commit/16c23b7554923bf6c2703ba5f229e6c34b459a2f)),
closes [#&#8203;23853](https://togithub.com/aws/aws-cdk/issues/23853)
- **cdk-assets:** asset concurrency leaves a corrupted archive
([#&#8203;24026](https://togithub.com/aws/aws-cdk/issues/24026))
([989454f](https://togithub.com/aws/aws-cdk/commit/989454f7e27f3cbf33180d8aab29d56472378126))
- **cdk-assets:** packaging assets is broken on Node older than 14.17
([#&#8203;23994](https://togithub.com/aws/aws-cdk/issues/23994))
([5bde92c](https://togithub.com/aws/aws-cdk/commit/5bde92c2ae29781aafd8c3817d08e93748c39885)),
closes [#&#8203;23859](https://togithub.com/aws/aws-cdk/issues/23859)
- **codedeploy:** cross-region referenced groups use wrong config
([#&#8203;23986](https://togithub.com/aws/aws-cdk/issues/23986))
([390ec78](https://togithub.com/aws/aws-cdk/commit/390ec78437a55ad68757f8ce812535e9bc149a2a))
- **core:** cross-stack reference error doesn't include violation
([#&#8203;23987](https://togithub.com/aws/aws-cdk/issues/23987))
([c7ad66f](https://togithub.com/aws/aws-cdk/commit/c7ad66fad6ca5aff5f2ae9754d263dea9d1de368))
- **ec2:** Cannot deploy VPC flow log with other resources that requires
bucket policies
([#&#8203;23889](https://togithub.com/aws/aws-cdk/issues/23889))
([e646ad5](https://togithub.com/aws/aws-cdk/commit/e646ad5b5496b176549f8c039a5ffabbf07403ff)),
closes [#&#8203;18985](https://togithub.com/aws/aws-cdk/issues/18985)
- **pipelines:** cannot configure actionName for all sources
([#&#8203;24027](https://togithub.com/aws/aws-cdk/issues/24027))
([9cd639b](https://togithub.com/aws/aws-cdk/commit/9cd639b0f83e65fbe531d56210f68e99874f506e))
- **s3:** infer bucketWebsiteUrl and bucketDomainName suffixes from
bucket region
([#&#8203;23919](https://togithub.com/aws/aws-cdk/issues/23919))
([252f052](https://togithub.com/aws/aws-cdk/commit/252f052d4239b320ac542c7db256683425ad7eba))
- **s3-deployment:** wrong URL in
BucketDeployment.deployedBucket.bucketWebsiteUrl
([#&#8203;24055](https://togithub.com/aws/aws-cdk/issues/24055))
([ece46db](https://togithub.com/aws/aws-cdk/commit/ece46dbd939383f240023172a491767b51eaa722)),
closes [#&#8203;23354](https://togithub.com/aws/aws-cdk/issues/23354)

***

#### Alpha modules (2.64.0-alpha.0)

##### Features

- **cloud9:** support setting environment owner
([#&#8203;23878](https://togithub.com/aws/aws-cdk/issues/23878))
([08a2f36](https://togithub.com/aws/aws-cdk/commit/08a2f363093f39d04026778bb8d5d7f673698b57)),
closes [#&#8203;22474](https://togithub.com/aws/aws-cdk/issues/22474)
- **redshift:** Tables can include comments
([#&#8203;23847](https://togithub.com/aws/aws-cdk/issues/23847))
([46cadd4](https://togithub.com/aws/aws-cdk/commit/46cadd4b2dd417e1484ba63389b33e1504cfd842)),
closes [#&#8203;22682](https://togithub.com/aws/aws-cdk/issues/22682)

##### Bug Fixes

- **servicecatalogappregistry:** default stack name is not meaningful
and causes conflict when multiple stacks deployed to the same
account-region
([#&#8203;23823](https://togithub.com/aws/aws-cdk/issues/23823))
([420b5ff](https://togithub.com/aws/aws-cdk/commit/420b5ff2bd08311f2c8cabbe0787c0e0bf4f8ae3))

### [`v2.63.2`](https://togithub.com/aws/aws-cdk/releases/v2.63.2)

***

#### Alpha modules (2.63.2-alpha.0)

### [`v2.63.1`](https://togithub.com/aws/aws-cdk/releases/v2.63.1)

##### Reverts

- **cdk-assets:** packaging assets is broken on Node older than 14.17
([#&#8203;23994](https://togithub.com/aws/aws-cdk/issues/23994))
([1976f1a](https://togithub.com/aws/aws-cdk/commit/1976f1a7f585b1adb582c5cb557b96ed38418fca)),
closes [#&#8203;23859](https://togithub.com/aws/aws-cdk/issues/23859)

***

#### Alpha modules (2.63.1-alpha.0)

### [`v2.63.0`](https://togithub.com/aws/aws-cdk/releases/v2.63.0)

##### Features

- **cfnspec:** cloudformation spec v109.0.0
([#&#8203;23868](https://togithub.com/aws/aws-cdk/issues/23868))
([8ee97b0](https://togithub.com/aws/aws-cdk/commit/8ee97b039fd6e26fc8a305f285c61a08da4bfdc4))
- **cfnspec:** cloudformation spec v109.0.0
([#&#8203;23929](https://togithub.com/aws/aws-cdk/issues/23929))
([39f8a30](https://togithub.com/aws/aws-cdk/commit/39f8a304dfc68c0cbe3bab0b1d567b8d361c99ab))
- **core:** add creation policy configuration for appstream
([#&#8203;23607](https://togithub.com/aws/aws-cdk/issues/23607))
([8909a04](https://togithub.com/aws/aws-cdk/commit/8909a04e13aa55eb102eac9f9f9ce74721e3fffc)),
closes [#&#8203;23604](https://togithub.com/aws/aws-cdk/issues/23604)
- **core:** allow asset bundling on docker remote host / docker in
docker ([#&#8203;23576](https://togithub.com/aws/aws-cdk/issues/23576))
([afce30a](https://togithub.com/aws/aws-cdk/commit/afce30a6e84a2f7e4eba499d3e71365a7939bef5)),
closes [#&#8203;8799](https://togithub.com/aws/aws-cdk/issues/8799)
- **stepfunctions:** task and heartbeat timeout specified by a path
([#&#8203;23755](https://togithub.com/aws/aws-cdk/issues/23755))
([26e48c7](https://togithub.com/aws/aws-cdk/commit/26e48c7b36fecf114ff771909b377a2570aa36b3)),
closes [#&#8203;15531](https://togithub.com/aws/aws-cdk/issues/15531)

##### Bug Fixes

- **appsync:** sanitized datasource name isn't exported
([#&#8203;23802](https://togithub.com/aws/aws-cdk/issues/23802))
([0b25265](https://togithub.com/aws/aws-cdk/commit/0b25265e5105d03fe6290e24462e45398695a11e))
- imports from ESM modules cannot find correct type definitions
([#&#8203;23870](https://togithub.com/aws/aws-cdk/issues/23870))
([356a128](https://togithub.com/aws/aws-cdk/commit/356a128c78b78154ef01ee81ea9d8a60fc569939))
- **eks:** reuse chart name as chart dir for helmchart deployment from
OCI repository
([#&#8203;23392](https://togithub.com/aws/aws-cdk/issues/23392))
([070f5ec](https://togithub.com/aws/aws-cdk/commit/070f5ecebfba8a3f9b5771b251ee9b584aa89b67))
- `aws-cdk-lib` imports from ESM modules are broken
([#&#8203;23846](https://togithub.com/aws/aws-cdk/issues/23846))
([cf2e498](https://togithub.com/aws/aws-cdk/commit/cf2e498d66f4e2c806ef473414b61e5748d41c7b)),
closes [#&#8203;23813](https://togithub.com/aws/aws-cdk/issues/23813)

***

#### Alpha modules (2.63.0-alpha.0)

##### Features

- **synthetics:** Adding DeleteLambdaResourcesOnCanaryDeletion prop to
the canary L2
([#&#8203;23820](https://togithub.com/aws/aws-cdk/issues/23820))
([45c191e](https://togithub.com/aws/aws-cdk/commit/45c191efa865e0aef6fc9d7fa4cd9d56d98a7cc9))
- **redshift:** support default role for redshift clusters
([#&#8203;22551](https://togithub.com/aws/aws-cdk/issues/22551))

### [`v2.62.2`](https://togithub.com/aws/aws-cdk/releases/v2.62.2)

##### Bug Fixes

- imports from ESM modules cannot find correct type definitions
([#&#8203;23870](https://togithub.com/aws/aws-cdk/issues/23870))
([1b9f3f7](https://togithub.com/aws/aws-cdk/commit/1b9f3f7d3fa447a21e9ed38026cc428f7797390f))

***

#### Alpha modules (2.62.2-alpha.0)

### [`v2.62.1`](https://togithub.com/aws/aws-cdk/releases/v2.62.1)

##### Bug Fixes

- `aws-cdk-lib` imports from ESM modules are broken
([#&#8203;23846](https://togithub.com/aws/aws-cdk/issues/23846))
([46b93a9](https://togithub.com/aws/aws-cdk/commit/46b93a913743ab5791b9ae722293dfbeb9692eef)),
closes [#&#8203;23813](https://togithub.com/aws/aws-cdk/issues/23813)

***

#### Alpha modules (2.62.1-alpha.0)

### [`v2.62.0`](https://togithub.com/aws/aws-cdk/releases/v2.62.0)

##### Features

- **certificatemanager:** deprecate DnsValidatedCertificate
([#&#8203;21982](https://togithub.com/aws/aws-cdk/issues/21982))
([64bfbf9](https://togithub.com/aws/aws-cdk/commit/64bfbf9b981a32a4db1b07476144d280d6eced32)),
closes [#&#8203;8934](https://togithub.com/aws/aws-cdk/issues/8934)
[#&#8203;2914](https://togithub.com/aws/aws-cdk/issues/2914)
[#&#8203;20698](https://togithub.com/aws/aws-cdk/issues/20698)
[#&#8203;17349](https://togithub.com/aws/aws-cdk/issues/17349)
[#&#8203;15217](https://togithub.com/aws/aws-cdk/issues/15217)
[#&#8203;14519](https://togithub.com/aws/aws-cdk/issues/14519)
- **cfnspec:** cloudformation spec v107.0.0
([#&#8203;23750](https://togithub.com/aws/aws-cdk/issues/23750))
([3dc40b4](https://togithub.com/aws/aws-cdk/commit/3dc40b4c9b660a8d50bc07646fa63ecbee6df958))
- **cfnspec:** cloudformation spec v108.0.0
([#&#8203;23769](https://togithub.com/aws/aws-cdk/issues/23769))
([ff0070d](https://togithub.com/aws/aws-cdk/commit/ff0070d61f18a6cdd77b027a7f6cd2baf976c3c9))
- **cfnspec:** cloudformation spec v108.0.0
([#&#8203;23808](https://togithub.com/aws/aws-cdk/issues/23808))
([858ff23](https://togithub.com/aws/aws-cdk/commit/858ff2363e110b355c2e9823664d087af991bb55))
- **lambda-event-sources:** events source mapping support for sqs max
concurrency
([#&#8203;23714](https://togithub.com/aws/aws-cdk/issues/23714))
([6dcec2d](https://togithub.com/aws/aws-cdk/commit/6dcec2d00363a286906dab19647816ddfd58f33a))
- **logs:** add grantRead function to LogGroup
([#&#8203;23280](https://togithub.com/aws/aws-cdk/issues/23280))
([42ef507](https://togithub.com/aws/aws-cdk/commit/42ef50706f60a7f452698166fa2d9c93ca54bc0d))

##### Bug Fixes

- **appsync:** Populate construct name dynamically for lambda authorizer
permission in appsync
([#&#8203;23777](https://togithub.com/aws/aws-cdk/issues/23777))
([92f02e9](https://togithub.com/aws/aws-cdk/commit/92f02e92905252ee7e4fff32751e76da5052b14b))
- importing `aws-cdk-lib` is slow
([#&#8203;23813](https://togithub.com/aws/aws-cdk/issues/23813))
([8aaeffb](https://togithub.com/aws/aws-cdk/commit/8aaeffbbb86e8a80cb87fa3314880bd7c2a893be))
- **bootstrap:** bootstrap stack version was not bumped during previous
update ([#&#8203;23669](https://togithub.com/aws/aws-cdk/issues/23669))
([f56cb70](https://togithub.com/aws/aws-cdk/commit/f56cb7004cc4f1017ded4b6a0593a744e8f6271e))
- **cfnspec:** incorrectly handling array result from jsondiff
([#&#8203;23795](https://togithub.com/aws/aws-cdk/issues/23795))
([4a701f1](https://togithub.com/aws/aws-cdk/commit/4a701f1668177a509f1e2f7f3c5d2249070ec666)),
closes
[/github.com/andreyvit/json-diff/blob/35582a9d19f8b0b2773360d67937e57ce2866781/test/diff_test.coffee#L78](https://togithub.com/aws//github.com/andreyvit/json-diff/blob/35582a9d19f8b0b2773360d67937e57ce2866781/test/diff_test.coffee/issues/L78)
- **cli:** only load sourcemap when `--debug` flag is enabled
([#&#8203;23752](https://togithub.com/aws/aws-cdk/issues/23752))
([94102c1](https://togithub.com/aws/aws-cdk/commit/94102c1210a4d7906a03c81a1845466c988c06e7))
- **codeguruprofiler:** imported profiling group environment configured
with stack region
([#&#8203;23568](https://togithub.com/aws/aws-cdk/issues/23568))
([8bfa695](https://togithub.com/aws/aws-cdk/commit/8bfa695881f6b78a052ca5276a63d78c1a8c0dda))
- **lambda:** lambda functions that use triggers error when invoked
([#&#8203;23728](https://togithub.com/aws/aws-cdk/issues/23728))
([37974ed](https://togithub.com/aws/aws-cdk/commit/37974ed91fda77a31aa99da75c1d7fb301135a5f)),
closes [#&#8203;23062](https://togithub.com/aws/aws-cdk/issues/23062)
[#&#8203;23062](https://togithub.com/aws/aws-cdk/issues/23062)
[#&#8203;23407](https://togithub.com/aws/aws-cdk/issues/23407)
[#&#8203;23407](https://togithub.com/aws/aws-cdk/issues/23407)
- **lambda-nodejs:** aws-sdk version detection broken for self-defined
runtimes
([#&#8203;23416](https://togithub.com/aws/aws-cdk/issues/23416))
([8a7dffd](https://togithub.com/aws/aws-cdk/commit/8a7dffdd056ad6e4e1609deb43ba790a020b4997)),
closes [#&#8203;22989](https://togithub.com/aws/aws-cdk/issues/22989)
[/github.com/aws/aws-cdk/pull/22989/files#diff-cd86fbd4f2bbefcbcffc2143adccabafa1debe5981edbcdfcc766b5a705fe770R371-R383](https://togithub.com/aws//github.com/aws/aws-cdk/pull/22989/files/issues/diff-cd86fbd4f2bbefcbcffc2143adccabafa1debe5981edbcdfcc766b5a705fe770R371-R383)

***

#### Alpha modules (2.62.0-alpha.0)

##### Features

- **apprunner:** apprunner secrets manager
([#&#8203;23692](https://togithub.com/aws/aws-cdk/issues/23692))
([a914fc0](https://togithub.com/aws/aws-cdk/commit/a914fc0614cd9aa634c5724c3474c99fd3888d98))

##### Bug Fixes

- **integ-runner:** cleanup tmp snapshot before running test
([#&#8203;23773](https://togithub.com/aws/aws-cdk/issues/23773))
([366f2ab](https://togithub.com/aws/aws-cdk/commit/366f2ab6fbedaf33630a40d5306746c6d363f05c))

### [`v2.61.1`](https://togithub.com/aws/aws-cdk/releases/v2.61.1)

##### Bug Fixes

- **lambda:** lambda functions that use triggers error when invoked
([#&#8203;23728](https://togithub.com/aws/aws-cdk/issues/23728))
([5fd9135](https://togithub.com/aws/aws-cdk/commit/5fd91352e4b625e003ee359563850852a50112ec)),
closes [#&#8203;23062](https://togithub.com/aws/aws-cdk/issues/23062)
[#&#8203;23062](https://togithub.com/aws/aws-cdk/issues/23062)
[#&#8203;23407](https://togithub.com/aws/aws-cdk/issues/23407)
[#&#8203;23407](https://togithub.com/aws/aws-cdk/issues/23407)

***

#### Alpha modules (2.61.1-alpha.0)

### [`v2.61.0`](https://togithub.com/aws/aws-cdk/releases/v2.61.0)

##### Features

- **cfnspec:** cloudformation spec v107.0.0
([#&#8203;23698](https://togithub.com/aws/aws-cdk/issues/23698))
([aca8a25](https://togithub.com/aws/aws-cdk/commit/aca8a256dcaf89b53f7af4f308b2f23e2e766902))
- **core:** stack synthesizers can be shared between stacks
([#&#8203;23571](https://togithub.com/aws/aws-cdk/issues/23571))
([0ce19f0](https://togithub.com/aws/aws-cdk/commit/0ce19f0e1217a4a41a3a9c27049ab73c7fbc320d))
- **logs:** add unit to metric filter
([#&#8203;23608](https://togithub.com/aws/aws-cdk/issues/23608))
([7cbe8ac](https://togithub.com/aws/aws-cdk/commit/7cbe8ac9286e5f7c3efb7f75aa859bf6b3bffecf))
- **opensearch:** add support for latest amazon opensearch service 2.3
([#&#8203;22943](https://togithub.com/aws/aws-cdk/issues/22943))
([0303d6f](https://togithub.com/aws/aws-cdk/commit/0303d6f7a71d2c70443df4433f0ff7554bcc4e56))
- **pipeline:** enable key rotation
([#&#8203;23620](https://togithub.com/aws/aws-cdk/issues/23620))
([29d7336](https://togithub.com/aws/aws-cdk/commit/29d733677c4962199a848933a7415b47abb23a2f))
- **route53-patterns:** use `Certificate` as the default certificate
(under feature flag)
([#&#8203;23575](https://togithub.com/aws/aws-cdk/issues/23575))
([77709c8](https://togithub.com/aws/aws-cdk/commit/77709c8328fe664c1fca50223c8e64325cb70461))

##### Bug Fixes

- **aws-s3:** log delivery may be incorrectly configured when target
bucket is imported
([#&#8203;23552](https://togithub.com/aws/aws-cdk/issues/23552))
([41327d8](https://togithub.com/aws/aws-cdk/commit/41327d8e815b80c9148bd33751fdf1b70c3bc9cd)),
closes [#&#8203;23547](https://togithub.com/aws/aws-cdk/issues/23547)
[#&#8203;23588](https://togithub.com/aws/aws-cdk/issues/23588)
- **cdk-assets:** concurrent asset builds can leave a corrupted archive
([#&#8203;23677](https://togithub.com/aws/aws-cdk/issues/23677))
([18e0481](https://togithub.com/aws/aws-cdk/commit/18e0481a3bbcb92bd22ce4e83d4f02e03e484307)),
closes [#&#8203;23290](https://togithub.com/aws/aws-cdk/issues/23290)
- **cli:** can not assume role from 2-level SSO
([#&#8203;23702](https://togithub.com/aws/aws-cdk/issues/23702))
([c3a345b](https://togithub.com/aws/aws-cdk/commit/c3a345be0eeb26e1b410d68643740f0aea8af4d7)),
closes [#&#8203;23520](https://togithub.com/aws/aws-cdk/issues/23520)
- **cloudtrail:** Trail fails during resource creation due to invalid
template properties when management events are 'None'
([#&#8203;23569](https://togithub.com/aws/aws-cdk/issues/23569))
([15ced88](https://togithub.com/aws/aws-cdk/commit/15ced888718531ddc59402f0c886c9b4f1fea67b)),
closes [#&#8203;16387](https://togithub.com/aws/aws-cdk/issues/16387)
[#&#8203;15488](https://togithub.com/aws/aws-cdk/issues/15488)
- **lambda:** ever-changing Version hash with LayerVersion from tokens
([#&#8203;23629](https://togithub.com/aws/aws-cdk/issues/23629))
([88fc62d](https://togithub.com/aws/aws-cdk/commit/88fc62d215d8c4aa3a4c423a06571ec45b51cec6))
- **pipelines:** cross-stack step dependencies have wrong name
([#&#8203;23594](https://togithub.com/aws/aws-cdk/issues/23594))
([0d8142b](https://togithub.com/aws/aws-cdk/commit/0d8142bf6860cbebab9c1704f6ebf59b17a5704f)),
closes [#&#8203;21843](https://togithub.com/aws/aws-cdk/issues/21843)
- **servicecatalog:** incorrect objectkey produced from asset relative…
([#&#8203;23580](https://togithub.com/aws/aws-cdk/issues/23580))
([b4a6120](https://togithub.com/aws/aws-cdk/commit/b4a6120af01b46bc688eebb8f8bb6fbde7f481fe)),
closes [#&#8203;23560](https://togithub.com/aws/aws-cdk/issues/23560)
- **stepfunctions-tasks:** fix IAM policy statements for step functions
API calls
([#&#8203;22959](https://togithub.com/aws/aws-cdk/issues/22959))
([dce662c](https://togithub.com/aws/aws-cdk/commit/dce662cae6eb493770d3c6f700c92a0b6c235195))

***

#### Alpha modules (2.61.0-alpha.0)

##### Features

- **cli-lib:** \[JS/TS only] experimental support for programmatic CLI
api ([#&#8203;22836](https://togithub.com/aws/aws-cdk/issues/22836))
([0b6b716](https://togithub.com/aws/aws-cdk/commit/0b6b7166c3f0348cc33fd3a0d19637351ea3b05b))

##### Bug Fixes

- **glue:** --conf parameter is no longer a reserved keyword for glue
jobs ([#&#8203;23673](https://togithub.com/aws/aws-cdk/issues/23673))
([3d0f4ba](https://togithub.com/aws/aws-cdk/commit/3d0f4ba6dd92ad7b91b00fad6cbab873964683fc))
- **servicecatalogappregistry:** outputs are not deployable
([#&#8203;23652](https://togithub.com/aws/aws-cdk/issues/23652))
([fa9eef0](https://togithub.com/aws/aws-cdk/commit/fa9eef081ead451a4d38bf083eda02af09fff482)),
closes [#&#8203;23641](https://togithub.com/aws/aws-cdk/issues/23641)

### [`v2.60.0`](https://togithub.com/aws/aws-cdk/releases/v2.60.0)

##### Features

- **appsync:** js resolver support
([#&#8203;23551](https://togithub.com/aws/aws-cdk/issues/23551))
([2318384](https://togithub.com/aws/aws-cdk/commit/231838409cc1409c137ff27086e853ce2b0fbf1c)),
closes [#&#8203;22921](https://togithub.com/aws/aws-cdk/issues/22921)
- **appsync:** stabilize appsync module 🎆🎆 🎆
([#&#8203;23633](https://togithub.com/aws/aws-cdk/issues/23633))
([e5b0230](https://togithub.com/aws/aws-cdk/commit/e5b023089e168c50eda83a11db0e697b96caf7e9)),
closes [#&#8203;6836](https://togithub.com/aws/aws-cdk/issues/6836)
- **cfnspec:** cloudformation spec v106.0.0
([#&#8203;23586](https://togithub.com/aws/aws-cdk/issues/23586))
([f178c98](https://togithub.com/aws/aws-cdk/commit/f178c98d4473d8bb8d46d80c076fa520d03c623b))
- **cloudfront:** remove headers and server timing
([#&#8203;23558](https://togithub.com/aws/aws-cdk/issues/23558))
([44a4812](https://togithub.com/aws/aws-cdk/commit/44a4812778d87af27809e5a733c6e5ea6b65004b))
- **cognito:** use secretsmanager secrets for clientSecretValue
([#&#8203;22885](https://togithub.com/aws/aws-cdk/issues/22885))
([4baea78](https://togithub.com/aws/aws-cdk/commit/4baea78f415566dea499f4ce49fc24d4dc7c4ef7))
- **ec2:** subnet ipv4 cidr blocks on imported vpc
([#&#8203;23317](https://togithub.com/aws/aws-cdk/issues/23317))
([e0885db](https://togithub.com/aws/aws-cdk/commit/e0885db29c8b45cfe9da1df8b55af2bf78892a04))
- **ecr-assets:** Support docker outputs flag
([#&#8203;23304](https://togithub.com/aws/aws-cdk/issues/23304))
([61e5495](https://togithub.com/aws/aws-cdk/commit/61e5495105e06aba4c027fb33ae031da09a3ff33)),
closes [#&#8203;20566](https://togithub.com/aws/aws-cdk/issues/20566)
- **pipelines:** Expose stack output namespaces in custom
`pipelines.Step`s
([#&#8203;23110](https://togithub.com/aws/aws-cdk/issues/23110))
([14f6811](https://togithub.com/aws/aws-cdk/commit/14f6811b89a0ae374863a3b2bdd36997ce67883e)),
closes
[/github.com/aws/aws-cdk/issues/23000#issuecomment-1324379670](https://togithub.com/aws//github.com/aws/aws-cdk/issues/23000/issues/issuecomment-1324379670)

##### Bug Fixes

- **acm:** domainName length constraint failure due to Tokens
([#&#8203;23567](https://togithub.com/aws/aws-cdk/issues/23567))
([2d7e3c0](https://togithub.com/aws/aws-cdk/commit/2d7e3c0e9edfb8f3e30dc0c1efaeb03fde19db7c)),
closes [#&#8203;23565](https://togithub.com/aws/aws-cdk/issues/23565)
- **aws-custom-resource:** switch off `installLatestAwsSdk` by default
([#&#8203;23591](https://togithub.com/aws/aws-cdk/issues/23591))
([c9b2548](https://togithub.com/aws/aws-cdk/commit/c9b2548126f01fd918009df0a42f0ab4c5e69cc3)),
closes [#&#8203;23113](https://togithub.com/aws/aws-cdk/issues/23113)
- **bootstrap:** KMS keys cannot be tagged
([#&#8203;21975](https://togithub.com/aws/aws-cdk/issues/21975))
([0e552db](https://togithub.com/aws/aws-cdk/commit/0e552dbb63a97cd6a7a65cae80ae863609237e61)),
closes [#&#8203;21281](https://togithub.com/aws/aws-cdk/issues/21281)
- **events:** cross stack rules require concrete environment
([#&#8203;23549](https://togithub.com/aws/aws-cdk/issues/23549))
([22d3341](https://togithub.com/aws/aws-cdk/commit/22d3341c2239b046473ded3fcbc85b5cbc4a37a1)),
closes [#&#8203;18405](https://togithub.com/aws/aws-cdk/issues/18405)
- **iam:** create stack based default policies for roles
([#&#8203;23100](https://togithub.com/aws/aws-cdk/issues/23100))
([dea4216](https://togithub.com/aws/aws-cdk/commit/dea4216a3f2e6727a6bc49d632c03b3f0a416947))
- **lambda:** automatic `currentVersion` conflicts with explicit
`Version` resource
([#&#8203;23636](https://togithub.com/aws/aws-cdk/issues/23636))
([de68652](https://togithub.com/aws/aws-cdk/commit/de6865229ee824c01431ae27509dbcd3e1a83763)),
closes [#&#8203;23225](https://togithub.com/aws/aws-cdk/issues/23225)

***

#### Alpha modules (2.60.0-alpha.0)

##### Features

- **gamelift:** add MatchmakingConfiguration L2 Construct for GameLift
([#&#8203;23326](https://togithub.com/aws/aws-cdk/issues/23326))
([9b2573b](https://togithub.com/aws/aws-cdk/commit/9b2573b32e8535d3db21f07647f099c9e01eb292))
- **integ-runner:** support `--language` presets for JavaScript,
TypeScript, Python and Go
([#&#8203;22058](https://togithub.com/aws/aws-cdk/issues/22058))
([22673b2](https://togithub.com/aws/aws-cdk/commit/22673b2ea40c13b6c10a2c7c628ce5cc534f5840)),
closes [#&#8203;21169](https://togithub.com/aws/aws-cdk/issues/21169)

### [`v2.59.0`](https://togithub.com/aws/aws-cdk/releases/v2.59.0)

##### Features

- **cfnspec:** cloudformation spec v105.0.0
([#&#8203;23501](https://togithub.com/aws/aws-cdk/issues/23501))
([72bd3a0](https://togithub.com/aws/aws-cdk/commit/72bd3a0ce96c9fd98bbf2f3eb76db1336c8a3029))
- **s3:** use Bucket Policy for Server Access Logging grant (under
feature flag)
([#&#8203;23386](https://togithub.com/aws/aws-cdk/issues/23386))
([6975a7e](https://togithub.com/aws/aws-cdk/commit/6975a7ea06a5680bebd38ad5c26ab5bd566d33b1)),
closes [#&#8203;22183](https://togithub.com/aws/aws-cdk/issues/22183)
- **servicecatalog:** Add Product Stack Asset Support
([#&#8203;22857](https://togithub.com/aws/aws-cdk/issues/22857))
([ceaac3a](https://togithub.com/aws/aws-cdk/commit/ceaac3ad49fcfdb89ec80c2784934589542e80b6)),
closes [#&#8203;20690](https://togithub.com/aws/aws-cdk/issues/20690)

##### Bug Fixes

- **lambda-nodejs:** unable to use `nodeModules` with pnpm
([#&#8203;21911](https://togithub.com/aws/aws-cdk/issues/21911))
([7c752db](https://togithub.com/aws/aws-cdk/commit/7c752db4aa83b242098483fc006c1100d1be11a9)),
closes [#&#8203;21910](https://togithub.com/aws/aws-cdk/issues/21910)
- **servicecatalog:** make assetBuckets a required property
([#&#8203;23507](https://togithub.com/aws/aws-cdk/issues/23507))
([10b6b96](https://togithub.com/aws/aws-cdk/commit/10b6b96f35ac32a60aa2bf4ea1856158392ae8ad))

***

#### Alpha modules (2.59.0-alpha.0)

### [`v2.58.1`](https://togithub.com/aws/aws-cdk/releases/v2.58.1)

##### Features

- **cfnspec:** cloudformation spec v105.0.0
([#&#8203;23501](https://togithub.com/aws/aws-cdk/issues/23501))
([05c3411](https://togithub.com/aws/aws-cdk/commit/05c3411047ce1d5ad4f2d6e564a6b8d20f76bea6))

***

#### Alpha modules (2.58.1-alpha.0)

### [`v2.58.0`](https://togithub.com/aws/aws-cdk/releases/v2.58.0)

##### Features

- **assertions:** improve printing of match failures
([#&#8203;23453](https://togithub.com/aws/aws-cdk/issues/23453))
([2676386](https://togithub.com/aws/aws-cdk/commit/267638674474c4cac9be5ca0d7f8b9a538ba2e39))

***

#### Alpha modules (2.58.0-alpha.0)

### [`v2.57.0`](https://togithub.com/aws/aws-cdk/releases/v2.57.0)

##### Features

- **cfnspec:** cloudformation spec v103.0.0
([#&#8203;23452](https://togithub.com/aws/aws-cdk/issues/23452))
([e49e57d](https://togithub.com/aws/aws-cdk/commit/e49e57d3106f62c5d64c428cba73b4107d664cba))
- **lambda:** add support for auto-instrumentation with ADOT Lambda
layer ([#&#8203;23027](https://togithub.com/aws/aws-cdk/issues/23027))
([fc70535](https://togithub.com/aws/aws-cdk/commit/fc70535fe699e72332d5ddb4543308e76a89594a))

##### Bug Fixes

- **cfnspec:** v101.0.0 introduced specific types on several types that
previously were typed as json
([#&#8203;23448](https://togithub.com/aws/aws-cdk/issues/23448))
([4fbc182](https://togithub.com/aws/aws-cdk/commit/4fbc1827b8978262da0b5b77b1ee9bc0ecfdcc3e))
- **codedeploy:** referenced Applications are not environment-aware
([#&#8203;23405](https://togithub.com/aws/aws-cdk/issues/23405))
([96242d7](https://togithub.com/aws/aws-cdk/commit/96242d73c0ae853524a567aece86f8a8a514495c))
- **s3:** buckets with SSE-KMS silently fail to receive logs
([#&#8203;23385](https://togithub.com/aws/aws-cdk/issues/23385))
([1b7a384](https://togithub.com/aws/aws-cdk/commit/1b7a384c330d168d64c0cd82118e5b5473d08a67))

***

#### Alpha modules (2.57.0-alpha.0)

##### Bug Fixes

- **aws-redshift:** Columns are not dropped on removal from array
([#&#8203;23011](https://togithub.com/aws/aws-cdk/issues/23011))
([2981313](https://togithub.com/aws/aws-cdk/commit/298131312b513c0e73865e6fff74c189ee99e328)),
closes [#&#8203;22208](https://togithub.com/aws/aws-cdk/issues/22208)

### [`v2.56.1`](https://togithub.com/aws/aws-cdk/releases/v2.56.1)

##### Bug Fixes

- **cfnspec:** v101.0.0 introduced specific types on several types that
previously were typed as json
([#&#8203;23448](https://togithub.com/aws/aws-cdk/issues/23448))
([1b4e3a4](https://togithub.com/aws/aws-cdk/commit/1b4e3a4b503d5d08e976ccf245c20f4430bcba46))

***

#### Alpha modules (2.56.1-alpha.0)

### [`v2.56.0`](https://togithub.com/aws/aws-cdk/releases/v2.56.0)

##### Features

- **aws-cognito:** add AuthSessionValidity property on a UserPoolClient
([#&#8203;23040](https://togithub.com/aws/aws-cdk/issues/23040))
([8896fb9](https://togithub.com/aws/aws-cdk/commit/8896fb902ad9c8d91a5ddb63df64963186bd09e1)),
closes [#&#8203;22854](https://togithub.com/aws/aws-cdk/issues/22854)
- **cfnspec:** cloudformation spec v102.0.0
([#&#8203;23372](https://togithub.com/aws/aws-cdk/issues/23372))
([480b0a5](https://togithub.com/aws/aws-cdk/commit/480b0a5098e51248bbf36ebf2bcec57cc791c2b0))
- **core:** CfnResource dependency methods
([#&#8203;23383](https://togithub.com/aws/aws-cdk/issues/23383))
([ecedb00](https://togithub.com/aws/aws-cdk/commit/ecedb00ee3a3cfcaa2564a679fa635aff38f32d8)),
closes [#&#8203;20419](https://togithub.com/aws/aws-cdk/issues/20419)
[#&#8203;20418](https://togithub.com/aws/aws-cdk/issues/20418)
- **lambda:** expose all docker run options to container bundling of all
lambda variants
([#&#8203;23318](https://togithub.com/aws/aws-cdk/issues/23318))
([02d0876](https://togithub.com/aws/aws-cdk/commit/02d0876bbb196e9fbeb32d977e7cf65229c8559d)),
closes [#&#8203;22829](https://togithub.com/aws/aws-cdk/issues/22829)
- **trigger:** Allow trigger to work with Lambda functions with long
timeouts
([#&#8203;23062](https://togithub.com/aws/aws-cdk/issues/23062))
([9fd3811](https://togithub.com/aws/aws-cdk/commit/9fd3811b3213a227b84d79348e635a520fc537c7)),
closes [#&#8203;23058](https://togithub.com/aws/aws-cdk/issues/23058)

##### Bug Fixes

- **apigateway:** allow multi-level base path mapping
([#&#8203;23362](https://togithub.com/aws/aws-cdk/issues/23362))
([86b6c6f](https://togithub.com/aws/aws-cdk/commit/86b6c6f796cbd15b7c53a4c04

</details>

---

### Configuration

📅 **Schedule**: At any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, click
this checkbox.

---

This PR has been generated by [Renovate
Bot](https://togithub.com/renovatebot/renovate).
brighid-bot added a commit to cythral/brighid-discord-adapter that referenced this pull request Mar 29, 2023
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [Amazon.CDK.Lib](https://togithub.com/aws/aws-cdk) | nuget | minor |
`2.46.0` -> `2.71.0` |

---

### Release Notes

<details>
<summary>aws/aws-cdk</summary>

### [`v2.71.0`](https://togithub.com/aws/aws-cdk/releases/v2.71.0)

##### Features

- **core:** template validation after synthesis
([#&#8203;23951](https://togithub.com/aws/aws-cdk/issues/23951))
([91d6509](https://togithub.com/aws/aws-cdk/commit/91d6509ce43285a20aca85d45e4017b7dcfbe49f))

##### Bug Fixes

- **lambda-nodejs:** pnpm no longer supports nodejs14.x
([#&#8203;24821](https://togithub.com/aws/aws-cdk/issues/24821))
([a8e9370](https://togithub.com/aws/aws-cdk/commit/a8e9370012798a339f6d66f5d441723dd9984c86))

***

#### Alpha modules (2.71.0-alpha.0)

### [`v2.70.0`](https://togithub.com/aws/aws-cdk/releases/v2.70.0)

##### Features

- **cfnspec:** cloudformation spec v116.0.0
([#&#8203;24662](https://togithub.com/aws/aws-cdk/issues/24662))
([e8158af](https://togithub.com/aws/aws-cdk/commit/e8158af34eb6402c79edbc171746fb5501775c68))
- **cloudwatch:** added defaultInterval prop to cw-dashboard
([#&#8203;24707](https://togithub.com/aws/aws-cdk/issues/24707))
([d4717cf](https://togithub.com/aws/aws-cdk/commit/d4717cf035c9f7027d8081ea1f15a631044315e8))
- **ec2:** CFN-init support for systemd
([#&#8203;24683](https://togithub.com/aws/aws-cdk/issues/24683))
([f3fe8e1](https://togithub.com/aws/aws-cdk/commit/f3fe8e1c4348194f89b47a276e6c85328b1044fa))
- **ec2:** SSM sessions
([#&#8203;24673](https://togithub.com/aws/aws-cdk/issues/24673))
([9744a82](https://togithub.com/aws/aws-cdk/commit/9744a8295fab28f1e8c38a0b980935f7546990e6))
- **ecr:** add option to auto delete images upon ECR repository removal
([#&#8203;24572](https://togithub.com/aws/aws-cdk/issues/24572))
([7de5b00](https://togithub.com/aws/aws-cdk/commit/7de5b00dcf24c4f6721317860c7e42c485e3ca58)),
closes [#&#8203;15932](https://togithub.com/aws/aws-cdk/issues/15932)
[#&#8203;12618](https://togithub.com/aws/aws-cdk/issues/12618)
[#&#8203;15932](https://togithub.com/aws/aws-cdk/issues/15932)
- **elasticloadbalancing:** classic load balancer supports ec2 instances
([#&#8203;24353](https://togithub.com/aws/aws-cdk/issues/24353))
([25b6edd](https://togithub.com/aws/aws-cdk/commit/25b6edd9d83e4766a2cb064b8eb8e3c6198b4f53)),
closes [#&#8203;23500](https://togithub.com/aws/aws-cdk/issues/23500)
- **servicecatalogappregistry-alpha:** Introduce flag to control
application sharing and association behavior for cross-account stacks
([#&#8203;24408](https://togithub.com/aws/aws-cdk/issues/24408))
([2167289](https://togithub.com/aws/aws-cdk/commit/2167289658e8f3431ec815c741277dc1be1aa110)),
closes
[aws-cdk/aws-servicecatalogappregistry/lib/aspects/stack-associator.ts#L91-L95](https://togithub.com/aws-cdk/aws-servicecatalogappregistry/lib/aspects/stack-associator.ts/issues/L91-L95)

##### Bug Fixes

- **bootstrap:** remove Security Hub finding KMS.2
([#&#8203;24588](https://togithub.com/aws/aws-cdk/issues/24588))
([274c3d5](https://togithub.com/aws/aws-cdk/commit/274c3d54dcc0b9534d1ede287fe3672ec9883dbe)),
closes
[/docs.aws.amazon.com/securityhub/latest/userguide/kms-controls.html#kms-2](https://togithub.com/aws//docs.aws.amazon.com/securityhub/latest/userguide/kms-controls.html/issues/kms-2)
- **cli:** no change deployment prints "hotswap deployment skipped"
without hotswap flag
([#&#8203;24602](https://togithub.com/aws/aws-cdk/issues/24602))
([79151fd](https://togithub.com/aws/aws-cdk/commit/79151fd7f4916defeb1e17d3bcdbec1e119ec994))
- **cli:** user agent is reported as `undefined/undefined`
([#&#8203;24663](https://togithub.com/aws/aws-cdk/issues/24663))
([3e8d8d8](https://togithub.com/aws/aws-cdk/commit/3e8d8d8e1b9a88376a6460094dea0c08ce19742e))
- **eks:** fail to update cluster by disabling logging props
([#&#8203;24688](https://togithub.com/aws/aws-cdk/issues/24688))
([767cf93](https://togithub.com/aws/aws-cdk/commit/767cf93eb131c707f8243e8f3779dd3bad89271a))
- **sfn:** stop replacing JsonPath.DISCARD with `null`
([#&#8203;24717](https://togithub.com/aws/aws-cdk/issues/24717))
([413b643](https://togithub.com/aws/aws-cdk/commit/413b64347f333573b2a07150e87244bd4c11d264)),
closes [#&#8203;24593](https://togithub.com/aws/aws-cdk/issues/24593)
- **toolkit:** RWLock.acquireRead is not re-entrant
([#&#8203;24702](https://togithub.com/aws/aws-cdk/issues/24702))
([3b7431b](https://togithub.com/aws/aws-cdk/commit/3b7431b6ac27f8557c22a8959ae1ce431f6d2167))
- **WAFv2:** add patch to revert struct names
([#&#8203;24651](https://togithub.com/aws/aws-cdk/issues/24651))
([dfa09d1](https://togithub.com/aws/aws-cdk/commit/dfa09d133523f0457a9ab2369bde13b44c398c30)),
closes
[/github.com/aws/aws-cdk/commit/affe040c8443be074822254d1e75a28b264cd801#diff-827a2fd012e049c7ccedffa0360c12e7d967a173f36b8150de73ef6adc42ee4cL175-L357](https://togithub.com/aws//github.com/aws/aws-cdk/commit/affe040c8443be074822254d1e75a28b264cd801/issues/diff-827a2fd012e049c7ccedffa0360c12e7d967a173f36b8150de73ef6adc42ee4cL175-L357)

***

#### Alpha modules (2.70.0-alpha.0)

##### ⚠ BREAKING CHANGES TO EXPERIMENTAL FEATURES

- **servicecatalogappregistry:** This commit contains destructive
changes to the RAM Share.
Since the application RAM share name is calculated by the application
construct, where one method is added. Integration test detects a
breaking change where RAM share will be created. Integration test
snapshot is updated to cater this destructive change.

##### Features

- **servicecatalogappregistry:** add attribute groups to an application
([#&#8203;24672](https://togithub.com/aws/aws-cdk/issues/24672))
([7baffa2](https://togithub.com/aws/aws-cdk/commit/7baffa239a7904cd73ac73537101ed5bd40aa9a0))

### [`v2.69.0`](https://togithub.com/aws/aws-cdk/releases/v2.69.0)

##### Features

- **custom-resources:** AwsCustomResource copy physicalResourceId from
request when omit it in onUpdate
([#&#8203;24194](https://togithub.com/aws/aws-cdk/issues/24194))
([21ad7a7](https://togithub.com/aws/aws-cdk/commit/21ad7a7a0462a00c491ed104163d2065828a9aa1)),
closes [#&#8203;23843](https://togithub.com/aws/aws-cdk/issues/23843)
- **docdb:** added ability to enable performance insights
([#&#8203;24039](https://togithub.com/aws/aws-cdk/issues/24039))
([c897f44](https://togithub.com/aws/aws-cdk/commit/c897f44ea438487a8bf48053dead667c35cade02)),
closes [#&#8203;24036](https://togithub.com/aws/aws-cdk/issues/24036)
- **ecr-assets:** Support cache-from and cache-to flags
([#&#8203;24024](https://togithub.com/aws/aws-cdk/issues/24024))
([4e02566](https://togithub.com/aws/aws-cdk/commit/4e02566fab0f6c6708c9ee766e2805adbb329f18))
- **eks:** support for Kubernetes version 1.25
([#&#8203;24484](https://togithub.com/aws/aws-cdk/issues/24484))
([70fd3e9](https://togithub.com/aws/aws-cdk/commit/70fd3e97e5b3555f4036ada6e562cec4359cadeb)),
closes [#&#8203;24282](https://togithub.com/aws/aws-cdk/issues/24282)
- **rds:** add support for minor versions of PostgreSQL: 14.7, 13.10,
12.14, and 11.19
([#&#8203;24539](https://togithub.com/aws/aws-cdk/issues/24539))
([15cb919](https://togithub.com/aws/aws-cdk/commit/15cb919fab9d20d0e8f0485662131cbb10980269))
- **rds:** PostgreSQL engine version 15.2
([#&#8203;24463](https://togithub.com/aws/aws-cdk/issues/24463))
([59d795b](https://togithub.com/aws/aws-cdk/commit/59d795b6e8d77b2d2d099169eaeb83a66c9d6a1a)),
closes [#&#8203;24462](https://togithub.com/aws/aws-cdk/issues/24462)

##### Bug Fixes

- **custom-resource:** custom resources fail with data containing
multi-byte utf8 chars
([#&#8203;24501](https://togithub.com/aws/aws-cdk/issues/24501))
([9bd5078](https://togithub.com/aws/aws-cdk/commit/9bd507842f567ee3e450c3f44e5c3dccc7c42ae6)),
closes [#&#8203;24491](https://togithub.com/aws/aws-cdk/issues/24491)
- **ecr-assets:** prefix cache arguments correctly
([#&#8203;24524](https://togithub.com/aws/aws-cdk/issues/24524))
([d451b30](https://togithub.com/aws/aws-cdk/commit/d451b3014a1d39e0a6ea18c2ec79a547b187adc5))
- **pipelines:** Ubuntu 5 images will be slow, move to Ubuntu 6
([#&#8203;24544](https://togithub.com/aws/aws-cdk/issues/24544))
([1f62c43](https://togithub.com/aws/aws-cdk/commit/1f62c438fb68332a492b624bad65159cc9c0308f))
- **sfn:** can't override toStateJson() from other languages
([#&#8203;24593](https://togithub.com/aws/aws-cdk/issues/24593))
([e955d18](https://togithub.com/aws/aws-cdk/commit/e955d18052b8ec397c06ae6994b96bb7558e12bb)),
closes [#&#8203;14639](https://togithub.com/aws/aws-cdk/issues/14639)

***

#### Alpha modules (2.69.0-alpha.0)

##### Features

- **kinesisanalytics-flink:** VPC support for Flink applications
([#&#8203;24442](https://togithub.com/aws/aws-cdk/issues/24442))
([7c7ad6d](https://togithub.com/aws/aws-cdk/commit/7c7ad6d18bd0d48a30858c1964d27d8a02b274ae)),
closes
[40aws-cdk/aws-lambda/lib/function.ts#L170](https://togithub.com/40aws-cdk/aws-lambda/lib/function.ts/issues/L170)
[#&#8203;21104](https://togithub.com/aws/aws-cdk/issues/21104)

### [`v2.68.0`](https://togithub.com/aws/aws-cdk/releases/v2.68.0)

##### Bug Fixes

- **apprunner-alpha:** env vars and secrets can't solely be added via
.add\*() methods
([#&#8203;24346](https://togithub.com/aws/aws-cdk/issues/24346))
([45195b6](https://togithub.com/aws/aws-cdk/commit/45195b6f2e5162eaa795d3a412d89dd09680aa8b)),
closes [#&#8203;24345](https://togithub.com/aws/aws-cdk/issues/24345)
- **cli:** cannot `cdk import` resources with multiple identifiers
([#&#8203;24439](https://togithub.com/aws/aws-cdk/issues/24439))
([a70ff1a](https://togithub.com/aws/aws-cdk/commit/a70ff1ad332af780c052e3117b73df060deee7ae)),
closes [#&#8203;20895](https://togithub.com/aws/aws-cdk/issues/20895)
- **core:** Fix dotnet version check to allow .NET 7.0
([#&#8203;24467](https://togithub.com/aws/aws-cdk/issues/24467))
([a4856e9](https://togithub.com/aws/aws-cdk/commit/a4856e997684f84476fe92e00afcd4da76a69b04)),
closes [#&#8203;24466](https://togithub.com/aws/aws-cdk/issues/24466)
- **lambda-nodejs:** esbuild preCompilation tsconfig precedence is wrong
([#&#8203;23871](https://togithub.com/aws/aws-cdk/issues/23871))
([790a709](https://togithub.com/aws/aws-cdk/commit/790a709d758333f4622c5fb860d9bbb48dee7106))
- **lambda-nodejs:** Required auto prefix of `handler` with `index.`
breaks custom non-`index` handler settings used by layers
([#&#8203;24406](https://togithub.com/aws/aws-cdk/issues/24406))
([d7a1c34](https://togithub.com/aws/aws-cdk/commit/d7a1c34e540e12413319918a5d807060057a1a1b)),
closes [#&#8203;24403](https://togithub.com/aws/aws-cdk/issues/24403)
- **rds:** add clusterResourceIdentifier property to database cluster
([#&#8203;23605](https://togithub.com/aws/aws-cdk/issues/23605))
([6bda4e5](https://togithub.com/aws/aws-cdk/commit/6bda4e5ae4205a917a00714433f136550c59e409))

***

#### Alpha modules (2.68.0-alpha.0)

##### ⚠ BREAKING CHANGES TO EXPERIMENTAL FEATURES

- **servicecatalogappregistry:** This commit contains destructive
changes to the RAM Share.
Since the application RAM share name is calculated by the application
construct, where one property is removed. Integration test detects a
breaking change where RAM share will be created. Integration test
snapshot is updated to cater this destructive change.

##### Features

- **msk:** add Kafka version 3.3.2
([#&#8203;24440](https://togithub.com/aws/aws-cdk/issues/24440))
([1b2014e](https://togithub.com/aws/aws-cdk/commit/1b2014eef9e3f2190b2cce79c55f635cc1f167e3)),
closes [#&#8203;24432](https://togithub.com/aws/aws-cdk/issues/24432)
- **redshift:** column compression encodings and comments can now be
customised
([#&#8203;24177](https://togithub.com/aws/aws-cdk/issues/24177))
([1ca3e00](https://togithub.com/aws/aws-cdk/commit/1ca3e0027323e84aacade4d9bd058bbc5687a7ab)),
closes [#&#8203;24165](https://togithub.com/aws/aws-cdk/issues/24165)
[#&#8203;23597](https://togithub.com/aws/aws-cdk/issues/23597)
[#&#8203;22506](https://togithub.com/aws/aws-cdk/issues/22506)
- **redshift:** columns require an id attribute (under feature flag)
([#&#8203;24272](https://togithub.com/aws/aws-cdk/issues/24272))
([9a07ab0](https://togithub.com/aws/aws-cdk/commit/9a07ab008d1b6d23e9a302921f1a5165a21fb128)),
closes [#&#8203;24234](https://togithub.com/aws/aws-cdk/issues/24234)

##### Bug Fixes

- **servicecatalogappregistry:** allow disabling automatic CfnOutput
([#&#8203;24483](https://togithub.com/aws/aws-cdk/issues/24483))
([3db1a0d](https://togithub.com/aws/aws-cdk/commit/3db1a0d0bcf615871a225919eed235b78904e144)),
closes [#&#8203;23779](https://togithub.com/aws/aws-cdk/issues/23779)
- **servicecatalogappregistry:** Associate an application with attribute
group ([#&#8203;24378](https://togithub.com/aws/aws-cdk/issues/24378))
([d1264c1](https://togithub.com/aws/aws-cdk/commit/d1264c1c414257fb8dd5288fdc24cfe9605cdf90))

### [`v2.67.0`](https://togithub.com/aws/aws-cdk/releases/v2.67.0)

##### Features

- **apigateway:** minCompressionSize on SpecRestApi
([#&#8203;24067](https://togithub.com/aws/aws-cdk/issues/24067))
([2a81f0f](https://togithub.com/aws/aws-cdk/commit/2a81f0f7d9eb73cd0e807904357a5daf7d6e5017)),
closes [#&#8203;22926](https://togithub.com/aws/aws-cdk/issues/22926)
- **bootstrap:** prevent accidental bootstrap overwrites
([#&#8203;24302](https://togithub.com/aws/aws-cdk/issues/24302))
([3b251a5](https://togithub.com/aws/aws-cdk/commit/3b251a5e8e74332076c9e5dc810a80775fa77d61))
- **cli:** update csharp & fsharp template to net6.0
([#&#8203;23926](https://togithub.com/aws/aws-cdk/issues/23926))
([3bd611d](https://togithub.com/aws/aws-cdk/commit/3bd611dcbdf802dbc918d0ecedaf3ac3d9d73503)),
closes [#&#8203;23921](https://togithub.com/aws/aws-cdk/issues/23921)
- **codebuild:** adds file asset support to build-spec
([#&#8203;24289](https://togithub.com/aws/aws-cdk/issues/24289))
([7cda567](https://togithub.com/aws/aws-cdk/commit/7cda5673fd3f6c5cd56ea59d71b14115f2a388f2)),
closes [#&#8203;1138](https://togithub.com/aws/aws-cdk/issues/1138)
- **ecs:** enable default capacity provider strategy
([#&#8203;23955](https://togithub.com/aws/aws-cdk/issues/23955))
([5a30ea6](https://togithub.com/aws/aws-cdk/commit/5a30ea6536df0fda0e0e7bb89d45666f57fb8890))
- **eks:** add helm flag --skip-crds
([#&#8203;24213](https://togithub.com/aws/aws-cdk/issues/24213))
([f68dbc2](https://togithub.com/aws/aws-cdk/commit/f68dbc2ce76a2df51081e959aa70e373a9bf5ac6)),
closes [#&#8203;24296](https://togithub.com/aws/aws-cdk/issues/24296)
- **sns:** Add FilterPolicyScope support
([#&#8203;23108](https://togithub.com/aws/aws-cdk/issues/23108))
([d986e14](https://togithub.com/aws/aws-cdk/commit/d986e143df3cf9b42031eba0f5a2d9a71d6d9208))
- **stepfunctions-tasks:** add revision number
([#&#8203;24226](https://togithub.com/aws/aws-cdk/issues/24226))
([643042b](https://togithub.com/aws/aws-cdk/commit/643042b8a15779b8a535567085b31424f4373515)),
closes [#&#8203;23491](https://togithub.com/aws/aws-cdk/issues/23491)

##### Bug Fixes

- **cdk-assets:** Error when building Docker Image Assets with Podman
([#&#8203;24003](https://togithub.com/aws/aws-cdk/issues/24003))
([4b08e20](https://togithub.com/aws/aws-cdk/commit/4b08e20be3b829c752e425883da09188b2dcff72)),
closes
[/github.com/aws/aws-cdk/issues/16209#issue-978267269](https://togithub.com/aws//github.com/aws/aws-cdk/issues/16209/issues/issue-978267269)
[#&#8203;16209](https://togithub.com/aws/aws-cdk/issues/16209)
- **cloudwatch:** math expressions incorrectly warn about search and
metrics ([#&#8203;24313](https://togithub.com/aws/aws-cdk/issues/24313))
([f3596eb](https://togithub.com/aws/aws-cdk/commit/f3596eb26f1e4ab360875bf5f79a7de991d2a9ec)),
closes [#&#8203;20136](https://togithub.com/aws/aws-cdk/issues/20136)
- **ec2:** userData in launchTemplate is created automatically when
machineImege is provided
([#&#8203;23593](https://togithub.com/aws/aws-cdk/issues/23593))
([bb4311b](https://togithub.com/aws/aws-cdk/commit/bb4311bf05b64cc95a89a319743e3883fd3c5b15)),
closes [#&#8203;23592](https://togithub.com/aws/aws-cdk/issues/23592)
[/github.com/aws/aws-cdk/pull/12385#discussion_r564614928](https://togithub.com/aws//github.com/aws/aws-cdk/pull/12385/issues/discussion_r564614928)
- **ecr-assets:** fix repeated deploys of stacks with tar assets
([#&#8203;23497](https://togithub.com/aws/aws-cdk/issues/23497))
([c2296a8](https://togithub.com/aws/aws-cdk/commit/c2296a87116c7bbaf6103a03364326c760a8f952)),
closes [#&#8203;18823](https://togithub.com/aws/aws-cdk/issues/18823)
[#&#8203;18822](https://togithub.com/aws/aws-cdk/issues/18822)
- **efs:** support tagging for access point
([#&#8203;24336](https://togithub.com/aws/aws-cdk/issues/24336))
([f9af47f](https://togithub.com/aws/aws-cdk/commit/f9af47f1fe48e66412d95f3eeef931c9322ba5b7)),
closes [#&#8203;20743](https://togithub.com/aws/aws-cdk/issues/20743)
- **eks:** changing the subnets or securityGroupIds order causes an
error ([#&#8203;24163](https://togithub.com/aws/aws-cdk/issues/24163))
([09c2c19](https://togithub.com/aws/aws-cdk/commit/09c2c19f22979482020652d902a73dfcc4e593bd)),
closes [#&#8203;24162](https://togithub.com/aws/aws-cdk/issues/24162)
- **eks:** fix helm deploy login for public ECR repositories
([#&#8203;24104](https://togithub.com/aws/aws-cdk/issues/24104))
([71ec6b6](https://togithub.com/aws/aws-cdk/commit/71ec6b660cf5062c12c5205dadfc28f893251e4f)),
closes [#&#8203;23977](https://togithub.com/aws/aws-cdk/issues/23977)
- **eks:** integ tests errors
([#&#8203;24276](https://togithub.com/aws/aws-cdk/issues/24276))
([07f2d7b](https://togithub.com/aws/aws-cdk/commit/07f2d7b0b947cec31ed3132b95372b9975efa01e))
- **secretsmanager:** secret resource policy already exists in stack
(under feature flag)
([#&#8203;24365](https://togithub.com/aws/aws-cdk/issues/24365))
([7dd8b7e](https://togithub.com/aws/aws-cdk/commit/7dd8b7e1ce88a13e597e52ff95353d74ab4807f1)),
closes [#&#8203;24383](https://togithub.com/aws/aws-cdk/issues/24383)
- **servicecatalog:** wrong asset path is generated in case outdir is
absolute
([#&#8203;24393](https://togithub.com/aws/aws-cdk/issues/24393))
([0ebbf58](https://togithub.com/aws/aws-cdk/commit/0ebbf58bdd3307f536334beb5d1153e3ef660f18)),
closes [#&#8203;24392](https://togithub.com/aws/aws-cdk/issues/24392)
- **sns:** sns subscription filter policy condition limit should be 150
([#&#8203;24269](https://togithub.com/aws/aws-cdk/issues/24269))
([1e1131c](https://togithub.com/aws/aws-cdk/commit/1e1131c207de2df7d5881a57cc28daa59bad975a))
- Correct SamlConsolePrincipal for non-China
([#&#8203;24277](https://togithub.com/aws/aws-cdk/issues/24277))
([e47646c](https://togithub.com/aws/aws-cdk/commit/e47646c0ff317a421b2f042158fcc0c7ae1aa2cf)),
closes [#&#8203;24243](https://togithub.com/aws/aws-cdk/issues/24243)

***

#### Alpha modules (2.67.0-alpha.0)

##### Features

- **msk:** add Kafka versions 3.1.1, 3.2.0, and and 3.3.1
([#&#8203;23918](https://togithub.com/aws/aws-cdk/issues/23918))
([53a1d5f](https://togithub.com/aws/aws-cdk/commit/53a1d5fd81eabf5e9d846411754a554549f9f62c)),
closes [#&#8203;23899](https://togithub.com/aws/aws-cdk/issues/23899)

##### Bug Fixes

- **servicecatalogappregistry:** applicationName can not be changed
after deployment
([#&#8203;24409](https://togithub.com/aws/aws-cdk/issues/24409))
([6aa763f](https://togithub.com/aws/aws-cdk/commit/6aa763f100e5561f4554627116a458abba930480))

### [`v2.66.1`](https://togithub.com/aws/aws-cdk/releases/v2.66.1)

##### Bug Fixes

- Correct SamlConsolePrincipal for non-China
([#&#8203;24277](https://togithub.com/aws/aws-cdk/issues/24277))
([d562871](https://togithub.com/aws/aws-cdk/commit/d562871824350483e80bf6a28868280381e9e83e)),
closes [#&#8203;24243](https://togithub.com/aws/aws-cdk/issues/24243)

***

#### Alpha modules (2.66.1-alpha.0)

### [`v2.66.0`](https://togithub.com/aws/aws-cdk/releases/v2.66.0)

##### Features

- **cloudwatch:** parse all metrics statistics and support long format
([#&#8203;23095](https://togithub.com/aws/aws-cdk/issues/23095))
([853e3d6](https://togithub.com/aws/aws-cdk/commit/853e3d631ef0490b0e2d14fdcf50df9f745de3eb)),
closes [#&#8203;23074](https://togithub.com/aws/aws-cdk/issues/23074)
[40aws-cdk/aws-cloudwatch/lib/metric.ts#L295-L296](https://togithub.com/40aws-cdk/aws-cloudwatch/lib/metric.ts/issues/L295-L296)
- **core:** Size.bytes()
([#&#8203;24136](https://togithub.com/aws/aws-cdk/issues/24136))
([9b2a45a](https://togithub.com/aws/aws-cdk/commit/9b2a45a6757c91011f47a6b3893cdfa0f4891002)),
closes [#&#8203;24106](https://togithub.com/aws/aws-cdk/issues/24106)
- **efs:** support file system policy
([#&#8203;24196](https://togithub.com/aws/aws-cdk/issues/24196))
([5e0f44b](https://togithub.com/aws/aws-cdk/commit/5e0f44b05232c70f35f79d27f1294f943fbeb568)),
closes [#&#8203;24042](https://togithub.com/aws/aws-cdk/issues/24042)
- **logs:** Add support for multiple parse and filter statements in
QueryString
([#&#8203;24022](https://togithub.com/aws/aws-cdk/issues/24022))
([75eb933](https://togithub.com/aws/aws-cdk/commit/75eb9330194824cdf435ae64095813191fcd6e13))
- **stepfunctions:** removal policy for state machines
([#&#8203;24105](https://togithub.com/aws/aws-cdk/issues/24105))
([5f33a26](https://togithub.com/aws/aws-cdk/commit/5f33a26937a78a7d28f913e86c3a2d0b00746e6a))

##### Bug Fixes

- **apigateway:** rest api deployment does not depend on authorizers
([#&#8203;23215](https://togithub.com/aws/aws-cdk/issues/23215))
([12e13c1](https://togithub.com/aws/aws-cdk/commit/12e13c130cac347d5d042d414086e9e5aac5e31c))
- **cognito:** changing `installLatestAwsSdk` breaks Client Secret
reference
([#&#8203;23798](https://togithub.com/aws/aws-cdk/issues/23798))
([844d407](https://togithub.com/aws/aws-cdk/commit/844d4076c142fd88095f36dbc667d85c12e20bd5)),
closes [#&#8203;23796](https://togithub.com/aws/aws-cdk/issues/23796)
- **ecs:** validate ecs healthcheck
([#&#8203;24197](https://togithub.com/aws/aws-cdk/issues/24197))
([89802a9](https://togithub.com/aws/aws-cdk/commit/89802a95360d698921c81a152d11ab6e46b00de3))
- **eks:** nested OCI repository names for private ECR helmchart
deployments are not properly handled
([#&#8203;23378](https://togithub.com/aws/aws-cdk/issues/23378))
([72f2a95](https://togithub.com/aws/aws-cdk/commit/72f2a95e994ef1b129a48bd548303ea39a3d3c9f))
- **lambda:** RuntimeManagementMode.FUNCTION_UPDATE has wrong value
([#&#8203;24252](https://togithub.com/aws/aws-cdk/issues/24252))
([fdb0cf1](https://togithub.com/aws/aws-cdk/commit/fdb0cf13c0b18a436c02a272626ce9f9dde9c343))

***

#### Alpha modules (2.66.0-alpha.0)

##### Features

- **apigatewayv2:** allow websockets routes to return response to client
([#&#8203;22984](https://togithub.com/aws/aws-cdk/issues/22984))
([f8fe1d2](https://togithub.com/aws/aws-cdk/commit/f8fe1d292feb3fc39a99687bf454a829302c4ff5))
- **lambda-python:** add optional poetry bundling exclusion list
parameter
([#&#8203;23670](https://togithub.com/aws/aws-cdk/issues/23670))
([53beeae](https://togithub.com/aws/aws-cdk/commit/53beeaed04bfe295e9f840e65f9c89db00cac692)),
closes [#&#8203;22585](https://togithub.com/aws/aws-cdk/issues/22585)
[#&#8203;22585](https://togithub.com/aws/aws-cdk/issues/22585)
- **redshift:** optionally reboot Clusters to apply parameter changes
([#&#8203;22063](https://togithub.com/aws/aws-cdk/issues/22063))
([f61d950](https://togithub.com/aws/aws-cdk/commit/f61d950aaeba13bd6501b7c8971a9115f4a53f08)),
closes [#&#8203;22009](https://togithub.com/aws/aws-cdk/issues/22009)
[#&#8203;22055](https://togithub.com/aws/aws-cdk/issues/22055)
[#&#8203;22059](https://togithub.com/aws/aws-cdk/issues/22059)

##### Bug Fixes

- **servicecatalogappregistry:** Allow user to control stack id via
stack name for Application stack
([#&#8203;24171](https://togithub.com/aws/aws-cdk/issues/24171))
([0c7c7e4](https://togithub.com/aws/aws-cdk/commit/0c7c7e4a7c34957ff7877eda5171f82c5feaba1d)),
closes [#&#8203;24160](https://togithub.com/aws/aws-cdk/issues/24160)

### [`v2.65.0`](https://togithub.com/aws/aws-cdk/releases/v2.65.0)

##### Features

- **autoscaling:** L2 construct for enabling capacity rebalance of
autoscaling
([#&#8203;24025](https://togithub.com/aws/aws-cdk/issues/24025))
([d2c63f5](https://togithub.com/aws/aws-cdk/commit/d2c63f55f8657315ad4e4dd463cfcae07cb66e53)),
closes [#&#8203;22625](https://togithub.com/aws/aws-cdk/issues/22625)
- **chatbot:** support guardrail policies
([#&#8203;24114](https://togithub.com/aws/aws-cdk/issues/24114))
([4c72a7d](https://togithub.com/aws/aws-cdk/commit/4c72a7dc3994ba190f1e1aa467d3087228bcb881)),
closes [#&#8203;20788](https://togithub.com/aws/aws-cdk/issues/20788)
- **core:** Allow passing Docker build secrets
([#&#8203;23778](https://togithub.com/aws/aws-cdk/issues/23778))
([74512fa](https://togithub.com/aws/aws-cdk/commit/74512fa339e0a2937213f519c109ef1207e9d0c6)),
closes [#&#8203;14910](https://togithub.com/aws/aws-cdk/issues/14910)
[#&#8203;14395](https://togithub.com/aws/aws-cdk/issues/14395)
- **elbv2:** add metrics to INetworkTargetGroup and
IApplicationTargetGroup
([#&#8203;23993](https://togithub.com/aws/aws-cdk/issues/23993))
([6a9e43f](https://togithub.com/aws/aws-cdk/commit/6a9e43f0c6f966df4671267eeda21638611dfb1c)),
closes [#&#8203;23853](https://togithub.com/aws/aws-cdk/issues/23853)
[#&#8203;10850](https://togithub.com/aws/aws-cdk/issues/10850)
- **lambda:** add insights version 1.0.178.0
([#&#8203;23836](https://togithub.com/aws/aws-cdk/issues/23836))
([5272908](https://togithub.com/aws/aws-cdk/commit/527290854d0fa31e7f41497ede0c1b8b0e1b9ad4))

##### Bug Fixes

- **bootstrap:** remove Security Hub finding S3.10
([#&#8203;24175](https://togithub.com/aws/aws-cdk/issues/24175))
([a1da757](https://togithub.com/aws/aws-cdk/commit/a1da757ce348b4bd66a6d0e7776f2ff8e9f531b6)),
closes
[/docs.aws.amazon.com/securityhub/latest/userguide/securityhub-standards-fsbp-controls.html#fsbp-s3-10](https://togithub.com/aws//docs.aws.amazon.com/securityhub/latest/userguide/securityhub-standards-fsbp-controls.html/issues/fsbp-s3-10)
- **codedeploy:** unable to remove alarms from deployment group
([#&#8203;23308](https://togithub.com/aws/aws-cdk/issues/23308))
([eee005f](https://togithub.com/aws/aws-cdk/commit/eee005f4949d7438467c7448ba8326efa4b79221))
- **codepipeline:** x-env ECS deployment lacking support
stack-dependency
([#&#8203;24053](https://togithub.com/aws/aws-cdk/issues/24053))
([adfe4fa](https://togithub.com/aws/aws-cdk/commit/adfe4fa137bb748961b4a767d538335490e13ed1)),
closes [#&#8203;24050](https://togithub.com/aws/aws-cdk/issues/24050)
[#&#8203;24051](https://togithub.com/aws/aws-cdk/issues/24051)
- **core:** messages are displayed multiple times per construct
([#&#8203;24019](https://togithub.com/aws/aws-cdk/issues/24019))
([57770bb](https://togithub.com/aws/aws-cdk/commit/57770bb12ea6d77373f1e9e8e04f6757b440f277)),
closes [#&#8203;9565](https://togithub.com/aws/aws-cdk/issues/9565)
- **ec2:** enable set throughput param to CfnVolume
([#&#8203;24118](https://togithub.com/aws/aws-cdk/issues/24118))
([32781f8](https://togithub.com/aws/aws-cdk/commit/32781f825352f9cb43d8fed5c122b454275b3076)),
closes [#&#8203;24107](https://togithub.com/aws/aws-cdk/issues/24107)
[#&#8203;24107](https://togithub.com/aws/aws-cdk/issues/24107)
- **elbv2:** healthcheck interval is overly restrictive
([#&#8203;24157](https://togithub.com/aws/aws-cdk/issues/24157))
([4f83e02](https://togithub.com/aws/aws-cdk/commit/4f83e02b85229ebdff3f32ba6fd662ffd707d8db)),
closes [#&#8203;24156](https://togithub.com/aws/aws-cdk/issues/24156)
- **iam:** PrincipalWithConditions.addCondition fails with a new key
([#&#8203;23782](https://togithub.com/aws/aws-cdk/issues/23782))
([8951d01](https://togithub.com/aws/aws-cdk/commit/8951d013bea5dad54b94a6a683f56275ff4e6dba)),
closes [#&#8203;23781](https://togithub.com/aws/aws-cdk/issues/23781)
- **iam:** SamlConsolePrincipal does not work in China
[#&#8203;22091](https://togithub.com/aws/aws-cdk/issues/22091)
([#&#8203;24034](https://togithub.com/aws/aws-cdk/issues/24034))
([2902043](https://togithub.com/aws/aws-cdk/commit/29020435aeb1a9fb6401572520d0adca8155dc60))
- **pipelines:** SelfMutation CodeBuild project not accessible
([#&#8203;24073](https://togithub.com/aws/aws-cdk/issues/24073))
([5942978](https://togithub.com/aws/aws-cdk/commit/594297862f2626b64b174d6998886a40f1b316be))
- **rds:** database proxies use ids as their resource names directly
(under feature flag)
([#&#8203;23703](https://togithub.com/aws/aws-cdk/issues/23703))
([03a0f79](https://togithub.com/aws/aws-cdk/commit/03a0f79b40e3be95de5421370703eb54c06b7dd7)),
closes [#&#8203;18578](https://togithub.com/aws/aws-cdk/issues/18578)
- **s3:** logging bucket blocks KMS_MANAGED encryption
([#&#8203;23514](https://togithub.com/aws/aws-cdk/issues/23514))
([1e8926f](https://togithub.com/aws/aws-cdk/commit/1e8926fa9bcf561135beaa31379ec1f1e6f79901))

***

#### Alpha modules (2.65.0-alpha.0)

##### Features

- **glue:** support Ray jobs
([#&#8203;23822](https://togithub.com/aws/aws-cdk/issues/23822))
([8de50d6](https://togithub.com/aws/aws-cdk/commit/8de50d624c8703a12713dcffbc764688868f22b0))
- **redshift:** IAM roles can be attached to a cluster, post creation
([#&#8203;23791](https://togithub.com/aws/aws-cdk/issues/23791))
([1a46808](https://togithub.com/aws/aws-cdk/commit/1a46808b03e8f6d09846f999ae3dc65b190f5f26)),
closes [#&#8203;22632](https://togithub.com/aws/aws-cdk/issues/22632)
- **synthetics:** support runtime 3.9
([#&#8203;24101](https://togithub.com/aws/aws-cdk/issues/24101))
([9d23cad](https://togithub.com/aws/aws-cdk/commit/9d23caded8aca42d3b78de1bc7e89c38a4d6805e))

### [`v2.64.0`](https://togithub.com/aws/aws-cdk/releases/v2.64.0)

##### Features

- **cfnspec:** cloudformation spec v109.0.0
([#&#8203;23968](https://togithub.com/aws/aws-cdk/issues/23968))
([5d59134](https://togithub.com/aws/aws-cdk/commit/5d5913455da2cdb834feef708fb01f9e77df656f))
- **cfnspec:** cloudformation spec v109.0.0
([#&#8203;23984](https://togithub.com/aws/aws-cdk/issues/23984))
([affe040](https://togithub.com/aws/aws-cdk/commit/affe040c8443be074822254d1e75a28b264cd801))
- **cli:** --hotswap will not use CFN anymore, --hotswap-fallback to
fall back if necessary
([#&#8203;23653](https://togithub.com/aws/aws-cdk/issues/23653))
([a5317ca](https://togithub.com/aws/aws-cdk/commit/a5317ca52f05ebc34d9f22196ab0ef36d5cac967)),
closes [#&#8203;22784](https://togithub.com/aws/aws-cdk/issues/22784)
[#&#8203;21773](https://togithub.com/aws/aws-cdk/issues/21773)
[#&#8203;21556](https://togithub.com/aws/aws-cdk/issues/21556)
[#&#8203;23640](https://togithub.com/aws/aws-cdk/issues/23640)
- **elbv2:** add metrics to INetworkLoadBalancer and
IApplicationLoadBalancer
([#&#8203;23853](https://togithub.com/aws/aws-cdk/issues/23853))
([cb889bc](https://togithub.com/aws/aws-cdk/commit/cb889bc2c267654ca97e3d85a16a99a667d3584c)),
closes [#&#8203;10850](https://togithub.com/aws/aws-cdk/issues/10850)
- **iam:** implement IGrantable to Policy and ManagedPolicy
([#&#8203;22712](https://togithub.com/aws/aws-cdk/issues/22712))
([d3df40f](https://togithub.com/aws/aws-cdk/commit/d3df40ff89c70b9243ec175747eb398368067095)),
closes [#&#8203;10308](https://togithub.com/aws/aws-cdk/issues/10308)
- **lambda:** enable RuntimeManagementConfig
([#&#8203;23891](https://togithub.com/aws/aws-cdk/issues/23891))
([be4f971](https://togithub.com/aws/aws-cdk/commit/be4f97129f4237b39d0b99977eb597e2af49ed2a)),
closes [#&#8203;23890](https://togithub.com/aws/aws-cdk/issues/23890)
- **s3:** allow configuring S3 Object Lock
([#&#8203;23744](https://togithub.com/aws/aws-cdk/issues/23744))
([bdcd6c8](https://togithub.com/aws/aws-cdk/commit/bdcd6c890878fb71c480bf40964f1b6ea0a5f270)),
closes [#&#8203;5247](https://togithub.com/aws/aws-cdk/issues/5247)
[#&#8203;21738](https://togithub.com/aws/aws-cdk/issues/21738)

##### Bug Fixes

- Use the correct LB full name when creating metrics for imported LBs
([#&#8203;23972](https://togithub.com/aws/aws-cdk/issues/23972))
([16c23b7](https://togithub.com/aws/aws-cdk/commit/16c23b7554923bf6c2703ba5f229e6c34b459a2f)),
closes [#&#8203;23853](https://togithub.com/aws/aws-cdk/issues/23853)
- **cdk-assets:** asset concurrency leaves a corrupted archive
([#&#8203;24026](https://togithub.com/aws/aws-cdk/issues/24026))
([989454f](https://togithub.com/aws/aws-cdk/commit/989454f7e27f3cbf33180d8aab29d56472378126))
- **cdk-assets:** packaging assets is broken on Node older than 14.17
([#&#8203;23994](https://togithub.com/aws/aws-cdk/issues/23994))
([5bde92c](https://togithub.com/aws/aws-cdk/commit/5bde92c2ae29781aafd8c3817d08e93748c39885)),
closes [#&#8203;23859](https://togithub.com/aws/aws-cdk/issues/23859)
- **codedeploy:** cross-region referenced groups use wrong config
([#&#8203;23986](https://togithub.com/aws/aws-cdk/issues/23986))
([390ec78](https://togithub.com/aws/aws-cdk/commit/390ec78437a55ad68757f8ce812535e9bc149a2a))
- **core:** cross-stack reference error doesn't include violation
([#&#8203;23987](https://togithub.com/aws/aws-cdk/issues/23987))
([c7ad66f](https://togithub.com/aws/aws-cdk/commit/c7ad66fad6ca5aff5f2ae9754d263dea9d1de368))
- **ec2:** Cannot deploy VPC flow log with other resources that requires
bucket policies
([#&#8203;23889](https://togithub.com/aws/aws-cdk/issues/23889))
([e646ad5](https://togithub.com/aws/aws-cdk/commit/e646ad5b5496b176549f8c039a5ffabbf07403ff)),
closes [#&#8203;18985](https://togithub.com/aws/aws-cdk/issues/18985)
- **pipelines:** cannot configure actionName for all sources
([#&#8203;24027](https://togithub.com/aws/aws-cdk/issues/24027))
([9cd639b](https://togithub.com/aws/aws-cdk/commit/9cd639b0f83e65fbe531d56210f68e99874f506e))
- **s3:** infer bucketWebsiteUrl and bucketDomainName suffixes from
bucket region
([#&#8203;23919](https://togithub.com/aws/aws-cdk/issues/23919))
([252f052](https://togithub.com/aws/aws-cdk/commit/252f052d4239b320ac542c7db256683425ad7eba))
- **s3-deployment:** wrong URL in
BucketDeployment.deployedBucket.bucketWebsiteUrl
([#&#8203;24055](https://togithub.com/aws/aws-cdk/issues/24055))
([ece46db](https://togithub.com/aws/aws-cdk/commit/ece46dbd939383f240023172a491767b51eaa722)),
closes [#&#8203;23354](https://togithub.com/aws/aws-cdk/issues/23354)

***

#### Alpha modules (2.64.0-alpha.0)

##### Features

- **cloud9:** support setting environment owner
([#&#8203;23878](https://togithub.com/aws/aws-cdk/issues/23878))
([08a2f36](https://togithub.com/aws/aws-cdk/commit/08a2f363093f39d04026778bb8d5d7f673698b57)),
closes [#&#8203;22474](https://togithub.com/aws/aws-cdk/issues/22474)
- **redshift:** Tables can include comments
([#&#8203;23847](https://togithub.com/aws/aws-cdk/issues/23847))
([46cadd4](https://togithub.com/aws/aws-cdk/commit/46cadd4b2dd417e1484ba63389b33e1504cfd842)),
closes [#&#8203;22682](https://togithub.com/aws/aws-cdk/issues/22682)

##### Bug Fixes

- **servicecatalogappregistry:** default stack name is not meaningful
and causes conflict when multiple stacks deployed to the same
account-region
([#&#8203;23823](https://togithub.com/aws/aws-cdk/issues/23823))
([420b5ff](https://togithub.com/aws/aws-cdk/commit/420b5ff2bd08311f2c8cabbe0787c0e0bf4f8ae3))

### [`v2.63.2`](https://togithub.com/aws/aws-cdk/releases/v2.63.2)

***

#### Alpha modules (2.63.2-alpha.0)

### [`v2.63.1`](https://togithub.com/aws/aws-cdk/releases/v2.63.1)

##### Reverts

- **cdk-assets:** packaging assets is broken on Node older than 14.17
([#&#8203;23994](https://togithub.com/aws/aws-cdk/issues/23994))
([1976f1a](https://togithub.com/aws/aws-cdk/commit/1976f1a7f585b1adb582c5cb557b96ed38418fca)),
closes [#&#8203;23859](https://togithub.com/aws/aws-cdk/issues/23859)

***

#### Alpha modules (2.63.1-alpha.0)

### [`v2.63.0`](https://togithub.com/aws/aws-cdk/releases/v2.63.0)

##### Features

- **cfnspec:** cloudformation spec v109.0.0
([#&#8203;23868](https://togithub.com/aws/aws-cdk/issues/23868))
([8ee97b0](https://togithub.com/aws/aws-cdk/commit/8ee97b039fd6e26fc8a305f285c61a08da4bfdc4))
- **cfnspec:** cloudformation spec v109.0.0
([#&#8203;23929](https://togithub.com/aws/aws-cdk/issues/23929))
([39f8a30](https://togithub.com/aws/aws-cdk/commit/39f8a304dfc68c0cbe3bab0b1d567b8d361c99ab))
- **core:** add creation policy configuration for appstream
([#&#8203;23607](https://togithub.com/aws/aws-cdk/issues/23607))
([8909a04](https://togithub.com/aws/aws-cdk/commit/8909a04e13aa55eb102eac9f9f9ce74721e3fffc)),
closes [#&#8203;23604](https://togithub.com/aws/aws-cdk/issues/23604)
- **core:** allow asset bundling on docker remote host / docker in
docker ([#&#8203;23576](https://togithub.com/aws/aws-cdk/issues/23576))
([afce30a](https://togithub.com/aws/aws-cdk/commit/afce30a6e84a2f7e4eba499d3e71365a7939bef5)),
closes [#&#8203;8799](https://togithub.com/aws/aws-cdk/issues/8799)
- **stepfunctions:** task and heartbeat timeout specified by a path
([#&#8203;23755](https://togithub.com/aws/aws-cdk/issues/23755))
([26e48c7](https://togithub.com/aws/aws-cdk/commit/26e48c7b36fecf114ff771909b377a2570aa36b3)),
closes [#&#8203;15531](https://togithub.com/aws/aws-cdk/issues/15531)

##### Bug Fixes

- **appsync:** sanitized datasource name isn't exported
([#&#8203;23802](https://togithub.com/aws/aws-cdk/issues/23802))
([0b25265](https://togithub.com/aws/aws-cdk/commit/0b25265e5105d03fe6290e24462e45398695a11e))
- imports from ESM modules cannot find correct type definitions
([#&#8203;23870](https://togithub.com/aws/aws-cdk/issues/23870))
([356a128](https://togithub.com/aws/aws-cdk/commit/356a128c78b78154ef01ee81ea9d8a60fc569939))
- **eks:** reuse chart name as chart dir for helmchart deployment from
OCI repository
([#&#8203;23392](https://togithub.com/aws/aws-cdk/issues/23392))
([070f5ec](https://togithub.com/aws/aws-cdk/commit/070f5ecebfba8a3f9b5771b251ee9b584aa89b67))
- `aws-cdk-lib` imports from ESM modules are broken
([#&#8203;23846](https://togithub.com/aws/aws-cdk/issues/23846))
([cf2e498](https://togithub.com/aws/aws-cdk/commit/cf2e498d66f4e2c806ef473414b61e5748d41c7b)),
closes [#&#8203;23813](https://togithub.com/aws/aws-cdk/issues/23813)

***

#### Alpha modules (2.63.0-alpha.0)

##### Features

- **synthetics:** Adding DeleteLambdaResourcesOnCanaryDeletion prop to
the canary L2
([#&#8203;23820](https://togithub.com/aws/aws-cdk/issues/23820))
([45c191e](https://togithub.com/aws/aws-cdk/commit/45c191efa865e0aef6fc9d7fa4cd9d56d98a7cc9))
- **redshift:** support default role for redshift clusters
([#&#8203;22551](https://togithub.com/aws/aws-cdk/issues/22551))

### [`v2.62.2`](https://togithub.com/aws/aws-cdk/releases/v2.62.2)

##### Bug Fixes

- imports from ESM modules cannot find correct type definitions
([#&#8203;23870](https://togithub.com/aws/aws-cdk/issues/23870))
([1b9f3f7](https://togithub.com/aws/aws-cdk/commit/1b9f3f7d3fa447a21e9ed38026cc428f7797390f))

***

#### Alpha modules (2.62.2-alpha.0)

### [`v2.62.1`](https://togithub.com/aws/aws-cdk/releases/v2.62.1)

##### Bug Fixes

- `aws-cdk-lib` imports from ESM modules are broken
([#&#8203;23846](https://togithub.com/aws/aws-cdk/issues/23846))
([46b93a9](https://togithub.com/aws/aws-cdk/commit/46b93a913743ab5791b9ae722293dfbeb9692eef)),
closes [#&#8203;23813](https://togithub.com/aws/aws-cdk/issues/23813)

***

#### Alpha modules (2.62.1-alpha.0)

### [`v2.62.0`](https://togithub.com/aws/aws-cdk/releases/v2.62.0)

##### Features

- **certificatemanager:** deprecate DnsValidatedCertificate
([#&#8203;21982](https://togithub.com/aws/aws-cdk/issues/21982))
([64bfbf9](https://togithub.com/aws/aws-cdk/commit/64bfbf9b981a32a4db1b07476144d280d6eced32)),
closes [#&#8203;8934](https://togithub.com/aws/aws-cdk/issues/8934)
[#&#8203;2914](https://togithub.com/aws/aws-cdk/issues/2914)
[#&#8203;20698](https://togithub.com/aws/aws-cdk/issues/20698)
[#&#8203;17349](https://togithub.com/aws/aws-cdk/issues/17349)
[#&#8203;15217](https://togithub.com/aws/aws-cdk/issues/15217)
[#&#8203;14519](https://togithub.com/aws/aws-cdk/issues/14519)
- **cfnspec:** cloudformation spec v107.0.0
([#&#8203;23750](https://togithub.com/aws/aws-cdk/issues/23750))
([3dc40b4](https://togithub.com/aws/aws-cdk/commit/3dc40b4c9b660a8d50bc07646fa63ecbee6df958))
- **cfnspec:** cloudformation spec v108.0.0
([#&#8203;23769](https://togithub.com/aws/aws-cdk/issues/23769))
([ff0070d](https://togithub.com/aws/aws-cdk/commit/ff0070d61f18a6cdd77b027a7f6cd2baf976c3c9))
- **cfnspec:** cloudformation spec v108.0.0
([#&#8203;23808](https://togithub.com/aws/aws-cdk/issues/23808))
([858ff23](https://togithub.com/aws/aws-cdk/commit/858ff2363e110b355c2e9823664d087af991bb55))
- **lambda-event-sources:** events source mapping support for sqs max
concurrency
([#&#8203;23714](https://togithub.com/aws/aws-cdk/issues/23714))
([6dcec2d](https://togithub.com/aws/aws-cdk/commit/6dcec2d00363a286906dab19647816ddfd58f33a))
- **logs:** add grantRead function to LogGroup
([#&#8203;23280](https://togithub.com/aws/aws-cdk/issues/23280))
([42ef507](https://togithub.com/aws/aws-cdk/commit/42ef50706f60a7f452698166fa2d9c93ca54bc0d))

##### Bug Fixes

- **appsync:** Populate construct name dynamically for lambda authorizer
permission in appsync
([#&#8203;23777](https://togithub.com/aws/aws-cdk/issues/23777))
([92f02e9](https://togithub.com/aws/aws-cdk/commit/92f02e92905252ee7e4fff32751e76da5052b14b))
- importing `aws-cdk-lib` is slow
([#&#8203;23813](https://togithub.com/aws/aws-cdk/issues/23813))
([8aaeffb](https://togithub.com/aws/aws-cdk/commit/8aaeffbbb86e8a80cb87fa3314880bd7c2a893be))
- **bootstrap:** bootstrap stack version was not bumped during previous
update ([#&#8203;23669](https://togithub.com/aws/aws-cdk/issues/23669))
([f56cb70](https://togithub.com/aws/aws-cdk/commit/f56cb7004cc4f1017ded4b6a0593a744e8f6271e))
- **cfnspec:** incorrectly handling array result from jsondiff
([#&#8203;23795](https://togithub.com/aws/aws-cdk/issues/23795))
([4a701f1](https://togithub.com/aws/aws-cdk/commit/4a701f1668177a509f1e2f7f3c5d2249070ec666)),
closes
[/github.com/andreyvit/json-diff/blob/35582a9d19f8b0b2773360d67937e57ce2866781/test/diff_test.coffee#L78](https://togithub.com/aws//github.com/andreyvit/json-diff/blob/35582a9d19f8b0b2773360d67937e57ce2866781/test/diff_test.coffee/issues/L78)
- **cli:** only load sourcemap when `--debug` flag is enabled
([#&#8203;23752](https://togithub.com/aws/aws-cdk/issues/23752))
([94102c1](https://togithub.com/aws/aws-cdk/commit/94102c1210a4d7906a03c81a1845466c988c06e7))
- **codeguruprofiler:** imported profiling group environment configured
with stack region
([#&#8203;23568](https://togithub.com/aws/aws-cdk/issues/23568))
([8bfa695](https://togithub.com/aws/aws-cdk/commit/8bfa695881f6b78a052ca5276a63d78c1a8c0dda))
- **lambda:** lambda functions that use triggers error when invoked
([#&#8203;23728](https://togithub.com/aws/aws-cdk/issues/23728))
([37974ed](https://togithub.com/aws/aws-cdk/commit/37974ed91fda77a31aa99da75c1d7fb301135a5f)),
closes [#&#8203;23062](https://togithub.com/aws/aws-cdk/issues/23062)
[#&#8203;23062](https://togithub.com/aws/aws-cdk/issues/23062)
[#&#8203;23407](https://togithub.com/aws/aws-cdk/issues/23407)
[#&#8203;23407](https://togithub.com/aws/aws-cdk/issues/23407)
- **lambda-nodejs:** aws-sdk version detection broken for self-defined
runtimes
([#&#8203;23416](https://togithub.com/aws/aws-cdk/issues/23416))
([8a7dffd](https://togithub.com/aws/aws-cdk/commit/8a7dffdd056ad6e4e1609deb43ba790a020b4997)),
closes [#&#8203;22989](https://togithub.com/aws/aws-cdk/issues/22989)
[/github.com/aws/aws-cdk/pull/22989/files#diff-cd86fbd4f2bbefcbcffc2143adccabafa1debe5981edbcdfcc766b5a705fe770R371-R383](https://togithub.com/aws//github.com/aws/aws-cdk/pull/22989/files/issues/diff-cd86fbd4f2bbefcbcffc2143adccabafa1debe5981edbcdfcc766b5a705fe770R371-R383)

***

#### Alpha modules (2.62.0-alpha.0)

##### Features

- **apprunner:** apprunner secrets manager
([#&#8203;23692](https://togithub.com/aws/aws-cdk/issues/23692))
([a914fc0](https://togithub.com/aws/aws-cdk/commit/a914fc0614cd9aa634c5724c3474c99fd3888d98))

##### Bug Fixes

- **integ-runner:** cleanup tmp snapshot before running test
([#&#8203;23773](https://togithub.com/aws/aws-cdk/issues/23773))
([366f2ab](https://togithub.com/aws/aws-cdk/commit/366f2ab6fbedaf33630a40d5306746c6d363f05c))

### [`v2.61.1`](https://togithub.com/aws/aws-cdk/releases/v2.61.1)

##### Bug Fixes

- **lambda:** lambda functions that use triggers error when invoked
([#&#8203;23728](https://togithub.com/aws/aws-cdk/issues/23728))
([5fd9135](https://togithub.com/aws/aws-cdk/commit/5fd91352e4b625e003ee359563850852a50112ec)),
closes [#&#8203;23062](https://togithub.com/aws/aws-cdk/issues/23062)
[#&#8203;23062](https://togithub.com/aws/aws-cdk/issues/23062)
[#&#8203;23407](https://togithub.com/aws/aws-cdk/issues/23407)
[#&#8203;23407](https://togithub.com/aws/aws-cdk/issues/23407)

***

#### Alpha modules (2.61.1-alpha.0)

### [`v2.61.0`](https://togithub.com/aws/aws-cdk/releases/v2.61.0)

##### Features

- **cfnspec:** cloudformation spec v107.0.0
([#&#8203;23698](https://togithub.com/aws/aws-cdk/issues/23698))
([aca8a25](https://togithub.com/aws/aws-cdk/commit/aca8a256dcaf89b53f7af4f308b2f23e2e766902))
- **core:** stack synthesizers can be shared between stacks
([#&#8203;23571](https://togithub.com/aws/aws-cdk/issues/23571))
([0ce19f0](https://togithub.com/aws/aws-cdk/commit/0ce19f0e1217a4a41a3a9c27049ab73c7fbc320d))
- **logs:** add unit to metric filter
([#&#8203;23608](https://togithub.com/aws/aws-cdk/issues/23608))
([7cbe8ac](https://togithub.com/aws/aws-cdk/commit/7cbe8ac9286e5f7c3efb7f75aa859bf6b3bffecf))
- **opensearch:** add support for latest amazon opensearch service 2.3
([#&#8203;22943](https://togithub.com/aws/aws-cdk/issues/22943))
([0303d6f](https://togithub.com/aws/aws-cdk/commit/0303d6f7a71d2c70443df4433f0ff7554bcc4e56))
- **pipeline:** enable key rotation
([#&#8203;23620](https://togithub.com/aws/aws-cdk/issues/23620))
([29d7336](https://togithub.com/aws/aws-cdk/commit/29d733677c4962199a848933a7415b47abb23a2f))
- **route53-patterns:** use `Certificate` as the default certificate
(under feature flag)
([#&#8203;23575](https://togithub.com/aws/aws-cdk/issues/23575))
([77709c8](https://togithub.com/aws/aws-cdk/commit/77709c8328fe664c1fca50223c8e64325cb70461))

##### Bug Fixes

- **aws-s3:** log delivery may be incorrectly configured when target
bucket is imported
([#&#8203;23552](https://togithub.com/aws/aws-cdk/issues/23552))
([41327d8](https://togithub.com/aws/aws-cdk/commit/41327d8e815b80c9148bd33751fdf1b70c3bc9cd)),
closes [#&#8203;23547](https://togithub.com/aws/aws-cdk/issues/23547)
[#&#8203;23588](https://togithub.com/aws/aws-cdk/issues/23588)
- **cdk-assets:** concurrent asset builds can leave a corrupted archive
([#&#8203;23677](https://togithub.com/aws/aws-cdk/issues/23677))
([18e0481](https://togithub.com/aws/aws-cdk/commit/18e0481a3bbcb92bd22ce4e83d4f02e03e484307)),
closes [#&#8203;23290](https://togithub.com/aws/aws-cdk/issues/23290)
- **cli:** can not assume role from 2-level SSO
([#&#8203;23702](https://togithub.com/aws/aws-cdk/issues/23702))
([c3a345b](https://togithub.com/aws/aws-cdk/commit/c3a345be0eeb26e1b410d68643740f0aea8af4d7)),
closes [#&#8203;23520](https://togithub.com/aws/aws-cdk/issues/23520)
- **cloudtrail:** Trail fails during resource creation due to invalid
template properties when management events are 'None'
([#&#8203;23569](https://togithub.com/aws/aws-cdk/issues/23569))
([15ced88](https://togithub.com/aws/aws-cdk/commit/15ced888718531ddc59402f0c886c9b4f1fea67b)),
closes [#&#8203;16387](https://togithub.com/aws/aws-cdk/issues/16387)
[#&#8203;15488](https://togithub.com/aws/aws-cdk/issues/15488)
- **lambda:** ever-changing Version hash with LayerVersion from tokens
([#&#8203;23629](https://togithub.com/aws/aws-cdk/issues/23629))
([88fc62d](https://togithub.com/aws/aws-cdk/commit/88fc62d215d8c4aa3a4c423a06571ec45b51cec6))
- **pipelines:** cross-stack step dependencies have wrong name
([#&#8203;23594](https://togithub.com/aws/aws-cdk/issues/23594))
([0d8142b](https://togithub.com/aws/aws-cdk/commit/0d8142bf6860cbebab9c1704f6ebf59b17a5704f)),
closes [#&#8203;21843](https://togithub.com/aws/aws-cdk/issues/21843)
- **servicecatalog:** incorrect objectkey produced from asset relative…
([#&#8203;23580](https://togithub.com/aws/aws-cdk/issues/23580))
([b4a6120](https://togithub.com/aws/aws-cdk/commit/b4a6120af01b46bc688eebb8f8bb6fbde7f481fe)),
closes [#&#8203;23560](https://togithub.com/aws/aws-cdk/issues/23560)
- **stepfunctions-tasks:** fix IAM policy statements for step functions
API calls
([#&#8203;22959](https://togithub.com/aws/aws-cdk/issues/22959))
([dce662c](https://togithub.com/aws/aws-cdk/commit/dce662cae6eb493770d3c6f700c92a0b6c235195))

***

#### Alpha modules (2.61.0-alpha.0)

##### Features

- **cli-lib:** \[JS/TS only] experimental support for programmatic CLI
api ([#&#8203;22836](https://togithub.com/aws/aws-cdk/issues/22836))
([0b6b716](https://togithub.com/aws/aws-cdk/commit/0b6b7166c3f0348cc33fd3a0d19637351ea3b05b))

##### Bug Fixes

- **glue:** --conf parameter is no longer a reserved keyword for glue
jobs ([#&#8203;23673](https://togithub.com/aws/aws-cdk/issues/23673))
([3d0f4ba](https://togithub.com/aws/aws-cdk/commit/3d0f4ba6dd92ad7b91b00fad6cbab873964683fc))
- **servicecatalogappregistry:** outputs are not deployable
([#&#8203;23652](https://togithub.com/aws/aws-cdk/issues/23652))
([fa9eef0](https://togithub.com/aws/aws-cdk/commit/fa9eef081ead451a4d38bf083eda02af09fff482)),
closes [#&#8203;23641](https://togithub.com/aws/aws-cdk/issues/23641)

### [`v2.60.0`](https://togithub.com/aws/aws-cdk/releases/v2.60.0)

##### Features

- **appsync:** js resolver support
([#&#8203;23551](https://togithub.com/aws/aws-cdk/issues/23551))
([2318384](https://togithub.com/aws/aws-cdk/commit/231838409cc1409c137ff27086e853ce2b0fbf1c)),
closes [#&#8203;22921](https://togithub.com/aws/aws-cdk/issues/22921)
- **appsync:** stabilize appsync module 🎆🎆 🎆
([#&#8203;23633](https://togithub.com/aws/aws-cdk/issues/23633))
([e5b0230](https://togithub.com/aws/aws-cdk/commit/e5b023089e168c50eda83a11db0e697b96caf7e9)),
closes [#&#8203;6836](https://togithub.com/aws/aws-cdk/issues/6836)
- **cfnspec:** cloudformation spec v106.0.0
([#&#8203;23586](https://togithub.com/aws/aws-cdk/issues/23586))
([f178c98](https://togithub.com/aws/aws-cdk/commit/f178c98d4473d8bb8d46d80c076fa520d03c623b))
- **cloudfront:** remove headers and server timing
([#&#8203;23558](https://togithub.com/aws/aws-cdk/issues/23558))
([44a4812](https://togithub.com/aws/aws-cdk/commit/44a4812778d87af27809e5a733c6e5ea6b65004b))
- **cognito:** use secretsmanager secrets for clientSecretValue
([#&#8203;22885](https://togithub.com/aws/aws-cdk/issues/22885))
([4baea78](https://togithub.com/aws/aws-cdk/commit/4baea78f415566dea499f4ce49fc24d4dc7c4ef7))
- **ec2:** subnet ipv4 cidr blocks on imported vpc
([#&#8203;23317](https://togithub.com/aws/aws-cdk/issues/23317))
([e0885db](https://togithub.com/aws/aws-cdk/commit/e0885db29c8b45cfe9da1df8b55af2bf78892a04))
- **ecr-assets:** Support docker outputs flag
([#&#8203;23304](https://togithub.com/aws/aws-cdk/issues/23304))
([61e5495](https://togithub.com/aws/aws-cdk/commit/61e5495105e06aba4c027fb33ae031da09a3ff33)),
closes [#&#8203;20566](https://togithub.com/aws/aws-cdk/issues/20566)
- **pipelines:** Expose stack output namespaces in custom
`pipelines.Step`s
([#&#8203;23110](https://togithub.com/aws/aws-cdk/issues/23110))
([14f6811](https://togithub.com/aws/aws-cdk/commit/14f6811b89a0ae374863a3b2bdd36997ce67883e)),
closes
[/github.com/aws/aws-cdk/issues/23000#issuecomment-1324379670](https://togithub.com/aws//github.com/aws/aws-cdk/issues/23000/issues/issuecomment-1324379670)

##### Bug Fixes

- **acm:** domainName length constraint failure due to Tokens
([#&#8203;23567](https://togithub.com/aws/aws-cdk/issues/23567))
([2d7e3c0](https://togithub.com/aws/aws-cdk/commit/2d7e3c0e9edfb8f3e30dc0c1efaeb03fde19db7c)),
closes [#&#8203;23565](https://togithub.com/aws/aws-cdk/issues/23565)
- **aws-custom-resource:** switch off `installLatestAwsSdk` by default
([#&#8203;23591](https://togithub.com/aws/aws-cdk/issues/23591))
([c9b2548](https://togithub.com/aws/aws-cdk/commit/c9b2548126f01fd918009df0a42f0ab4c5e69cc3)),
closes [#&#8203;23113](https://togithub.com/aws/aws-cdk/issues/23113)
- **bootstrap:** KMS keys cannot be tagged
([#&#8203;21975](https://togithub.com/aws/aws-cdk/issues/21975))
([0e552db](https://togithub.com/aws/aws-cdk/commit/0e552dbb63a97cd6a7a65cae80ae863609237e61)),
closes [#&#8203;21281](https://togithub.com/aws/aws-cdk/issues/21281)
- **events:** cross stack rules require concrete environment
([#&#8203;23549](https://togithub.com/aws/aws-cdk/issues/23549))
([22d3341](https://togithub.com/aws/aws-cdk/commit/22d3341c2239b046473ded3fcbc85b5cbc4a37a1)),
closes [#&#8203;18405](https://togithub.com/aws/aws-cdk/issues/18405)
- **iam:** create stack based default policies for roles
([#&#8203;23100](https://togithub.com/aws/aws-cdk/issues/23100))
([dea4216](https://togithub.com/aws/aws-cdk/commit/dea4216a3f2e6727a6bc49d632c03b3f0a416947))
- **lambda:** automatic `currentVersion` conflicts with explicit
`Version` resource
([#&#8203;23636](https://togithub.com/aws/aws-cdk/issues/23636))
([de68652](https://togithub.com/aws/aws-cdk/commit/de6865229ee824c01431ae27509dbcd3e1a83763)),
closes [#&#8203;23225](https://togithub.com/aws/aws-cdk/issues/23225)

***

#### Alpha modules (2.60.0-alpha.0)

##### Features

- **gamelift:** add MatchmakingConfiguration L2 Construct for GameLift
([#&#8203;23326](https://togithub.com/aws/aws-cdk/issues/23326))
([9b2573b](https://togithub.com/aws/aws-cdk/commit/9b2573b32e8535d3db21f07647f099c9e01eb292))
- **integ-runner:** support `--language` presets for JavaScript,
TypeScript, Python and Go
([#&#8203;22058](https://togithub.com/aws/aws-cdk/issues/22058))
([22673b2](https://togithub.com/aws/aws-cdk/commit/22673b2ea40c13b6c10a2c7c628ce5cc534f5840)),
closes [#&#8203;21169](https://togithub.com/aws/aws-cdk/issues/21169)

### [`v2.59.0`](https://togithub.com/aws/aws-cdk/releases/v2.59.0)

##### Features

- **cfnspec:** cloudformation spec v105.0.0
([#&#8203;23501](https://togithub.com/aws/aws-cdk/issues/23501))
([72bd3a0](https://togithub.com/aws/aws-cdk/commit/72bd3a0ce96c9fd98bbf2f3eb76db1336c8a3029))
- **s3:** use Bucket Policy for Server Access Logging grant (under
feature flag)
([#&#8203;23386](https://togithub.com/aws/aws-cdk/issues/23386))
([6975a7e](https://togithub.com/aws/aws-cdk/commit/6975a7ea06a5680bebd38ad5c26ab5bd566d33b1)),
closes [#&#8203;22183](https://togithub.com/aws/aws-cdk/issues/22183)
- **servicecatalog:** Add Product Stack Asset Support
([#&#8203;22857](https://togithub.com/aws/aws-cdk/issues/22857))
([ceaac3a](https://togithub.com/aws/aws-cdk/commit/ceaac3ad49fcfdb89ec80c2784934589542e80b6)),
closes [#&#8203;20690](https://togithub.com/aws/aws-cdk/issues/20690)

##### Bug Fixes

- **lambda-nodejs:** unable to use `nodeModules` with pnpm
([#&#8203;21911](https://togithub.com/aws/aws-cdk/issues/21911))
([7c752db](https://togithub.com/aws/aws-cdk/commit/7c752db4aa83b242098483fc006c1100d1be11a9)),
closes [#&#8203;21910](https://togithub.com/aws/aws-cdk/issues/21910)
- **servicecatalog:** make assetBuckets a required property
([#&#8203;23507](https://togithub.com/aws/aws-cdk/issues/23507))
([10b6b96](https://togithub.com/aws/aws-cdk/commit/10b6b96f35ac32a60aa2bf4ea1856158392ae8ad))

***

#### Alpha modules (2.59.0-alpha.0)

### [`v2.58.1`](https://togithub.com/aws/aws-cdk/releases/v2.58.1)

##### Features

- **cfnspec:** cloudformation spec v105.0.0
([#&#8203;23501](https://togithub.com/aws/aws-cdk/issues/23501))
([05c3411](https://togithub.com/aws/aws-cdk/commit/05c3411047ce1d5ad4f2d6e564a6b8d20f76bea6))

***

#### Alpha modules (2.58.1-alpha.0)

### [`v2.58.0`](https://togithub.com/aws/aws-cdk/releases/v2.58.0)

##### Features

- **assertions:** improve printing of match failures
([#&#8203;23453](https://togithub.com/aws/aws-cdk/issues/23453))
([2676386](https://togithub.com/aws/aws-cdk/commit/267638674474c4cac9be5ca0d7f8b9a538ba2e39))

***

#### Alpha modules (2.58.0-alpha.0)

### [`v2.57.0`](https://togithub.com/aws/aws-cdk/releases/v2.57.0)

##### Features

- **cfnspec:** cloudformation spec v103.0.0
([#&#8203;23452](https://togithub.com/aws/aws-cdk/issues/23452))
([e49e57d](https://togithub.com/aws/aws-cdk/commit/e49e57d3106f62c5d64c428cba73b4107d664cba))
- **lambda:** add support for auto-instrumentation with ADOT Lambda
layer ([#&#8203;23027](https://togithub.com/aws/aws-cdk/issues/23027))
([fc70535](https://togithub.com/aws/aws-cdk/commit/fc70535fe699e72332d5ddb4543308e76a89594a))

##### Bug Fixes

- **cfnspec:** v101.0.0 introduced specific types on several types that
previously were typed as json
([#&#8203;23448](https://togithub.com/aws/aws-cdk/issues/23448))
([4fbc182](https://togithub.com/aws/aws-cdk/commit/4fbc1827b8978262da0b5b77b1ee9bc0ecfdcc3e))
- **codedeploy:** referenced Applications are not environment-aware
([#&#8203;23405](https://togithub.com/aws/aws-cdk/issues/23405))
([96242d7](https://togithub.com/aws/aws-cdk/commit/96242d73c0ae853524a567aece86f8a8a514495c))
- **s3:** buckets with SSE-KMS silently fail to receive logs
([#&#8203;23385](https://togithub.com/aws/aws-cdk/issues/23385))
([1b7a384](https://togithub.com/aws/aws-cdk/commit/1b7a384c330d168d64c0cd82118e5b5473d08a67))

***

#### Alpha modules (2.57.0-alpha.0)

##### Bug Fixes

- **aws-redshift:** Columns are not dropped on removal from array
([#&#8203;23011](https://togithub.com/aws/aws-cdk/issues/23011))
([2981313](https://togithub.com/aws/aws-cdk/commit/298131312b513c0e73865e6fff74c189ee99e328)),
closes [#&#8203;22208](https://togithub.com/aws/aws-cdk/issues/22208)

### [`v2.56.1`](https://togithub.com/aws/aws-cdk/releases/v2.56.1)

##### Bug Fixes

- **cfnspec:** v101.0.0 introduced specific types on several types that
previously were typed as json
([#&#8203;23448](https://togithub.com/aws/aws-cdk/issues/23448))
([1b4e3a4](https://togithub.com/aws/aws-cdk/commit/1b4e3a4b503d5d08e976ccf245c20f4430bcba46))

***

#### Alpha modules (2.56.1-alpha.0)

### [`v2.56.0`](https://togithub.com/aws/aws-cdk/releases/v2.56.0)

##### Features

- **aws-cognito:** add AuthSessionValidity property on a UserPoolClient
([#&#8203;23040](https://togithub.com/aws/aws-cdk/issues/23040))
([8896fb9](https://togithub.com/aws/aws-cdk/commit/8896fb902ad9c8d91a5ddb63df64963186bd09e1)),
closes [#&#8203;22854](https://togithub.com/aws/aws-cdk/issues/22854)
- **cfnspec:** cloudformation spec v102.0.0
([#&#8203;23372](https://togithub.com/aws/aws-cdk/issues/23372))
([480b0a5](https://togithub.com/aws/aws-cdk/commit/480b0a5098e51248bbf36ebf2bcec57cc791c2b0))
- **core:** CfnResource dependency methods
([#&#8203;23383](https://togithub.com/aws/aws-cdk/issues/23383))
([ecedb00](https://togithub.com/aws/aws-cdk/commit/ecedb00ee3a3cfcaa2564a679fa635aff38f32d8)),
closes [#&#8203;20419](https://togithub.com/aws/aws-cdk/issues/20419)
[#&#8203;20418](https://togithub.com/aws/aws-cdk/issues/20418)
- **lambda:** expose all docker run options to container bundling of all
lambda variants
([#&#8203;23318](https://togithub.com/aws/aws-cdk/issues/23318))
([02d0876](https://togithub.com/aws/aws-cdk/commit/02d0876bbb196e9fbeb32d977e7cf65229c8559d)),
closes [#&#8203;22829](h

</details>

---

### Configuration

📅 **Schedule**: At any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, click
this checkbox.

---

This PR has been generated by [Renovate
Bot](https://togithub.com/renovatebot/renovate).
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
@aws-cdk/aws-ec2 Related to Amazon Elastic Compute Cloud
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants