chore(release): 2.133.0 #29491

Closes #29366. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

…Service (#29408) These are newly available as of [2023-12-11 (announcement)](https://aws.amazon.com/about-aws/whats-new/2023/12/aws-appconfig-supports-privatelink/) with endpoint names taken from the [AWS PrivateLink docs](https://docs.aws.amazon.com/vpc/latest/privatelink/aws-services-privatelink-support.html). Testing: tried them in our environment. This PR is modeled after https://github.com/aws/aws-cdk/pull/21401/files, but the package.json code seems to be gone, and I didn't duplicate the verbose no-op tests that the string is the string. ### Reason for this change New VPC Endpoints exist now. ### Description of changes Add the missing constants. ### Description of how you validated changes Tested `appconfigdata` in our account. ### Checklist - [X/N/A] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* Yes, and I am an AWS employee.

…d keys (#29167) ### Issue # (if applicable) Closes #25385 ### Reason for this change This PR fixes a bug in CDK where CDK does not take into account re-specified keys while doing bundling. The CLI supports flags in one of three forms: `--foo`, `--foo=bar`, or `--foo:bar`. However, the `--foo:bar` form was not initially supported. With `--foo:bar`, users can now specify flags that have multiple values and can be re-specified multiple times. ### Description of changes The code has a list of keys that can be re-specified multiple times. While assigning the flags it checks whether the key is among the list of re-specified keys, if yes, it specifies the flag with `:`. ### Description of how you validated changes The PR includes unit test and integration test both to validate the changes. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

See [CHANGELOG](https://github.com/aws/aws-cdk/blob/merge-back/2.132.0/CHANGELOG.md)

Updates the L1 CloudFormation resource definitions with the latest changes from `@aws-cdk/aws-service-spec` **L1 CloudFormation resource definition changes:** ``` ├[~] service aws-amplify │ └ resources │ └[~] resource AWS::Amplify::App │ ├ properties │ │ └ EnvironmentVariables: (documentation changed) │ └ types │ ├[~] type AutoBranchCreationConfig │ │ └ properties │ │ └ EnvironmentVariables: (documentation changed) │ └[~] type EnvironmentVariable │ └ properties │ ├ Name: (documentation changed) │ └ Value: (documentation changed) ├[~] service aws-apigatewayv2 │ └ resources │ ├[~] resource AWS::ApiGatewayV2::ApiGatewayManagedOverrides │ │ └ types │ │ └[~] type IntegrationOverrides │ │ └ properties │ │ └ IntegrationMethod: (documentation changed) │ └[~] resource AWS::ApiGatewayV2::Integration │ └ properties │ └ IntegrationMethod: (documentation changed) ├[~] service aws-applicationautoscaling │ └ resources │ ├[~] resource AWS::ApplicationAutoScaling::ScalableTarget │ │ └ properties │ │ └ ResourceId: (documentation changed) │ └[~] resource AWS::ApplicationAutoScaling::ScalingPolicy │ └ properties │ └ ResourceId: (documentation changed) ├[~] service aws-autoscaling │ └ resources │ └[~] resource AWS::AutoScaling::AutoScalingGroup │ └ types │ └[~] type InstanceRequirements │ └ properties │ ├ MaxSpotPriceAsPercentageOfOptimalOnDemandPrice: (documentation changed) │ └ SpotMaxPricePercentageOverLowestPrice: (documentation changed) ├[~] service aws-b2bi │ └ resources │ └[~] resource AWS::B2BI::Transformer │ ├ properties │ │ └[-] ModifiedAt: string │ └ attributes │ └ ModifiedAt: (documentation changed) ├[~] service aws-batch │ └ resources │ └[~] resource AWS::Batch::JobDefinition │ ├ properties │ │ └[+] EcsProperties: EcsProperties │ └ types │ ├[+] type EcsProperties │ │ ├ name: EcsProperties │ │ └ properties │ │ └TaskProperties: Array<EcsTaskProperties> (required) │ ├[+] type EcsTaskProperties │ │ ├ name: EcsTaskProperties │ │ └ properties │ │ ├PlatformVersion: string │ │ ├ExecutionRoleArn: string │ │ ├RuntimePlatform: RuntimePlatform │ │ ├TaskRoleArn: string │ │ ├IpcMode: string │ │ ├Volumes: Array<Volumes> │ │ ├Containers: Array<TaskContainerProperties> │ │ ├NetworkConfiguration: NetworkConfiguration │ │ ├PidMode: string │ │ └EphemeralStorage: EphemeralStorage │ ├[~] type NodeRangeProperty │ │ └ properties │ │ ├[+] EcsProperties: EcsProperties │ │ └[+] InstanceTypes: Array<string> │ ├[~] type PodProperties │ │ └ properties │ │ ├[+] InitContainers: Array<EksContainer> │ │ └[+] ShareProcessNamespace: boolean │ ├[+] type TaskContainerDependency │ │ ├ name: TaskContainerDependency │ │ └ properties │ │ ├Condition: string (required) │ │ └ContainerName: string (required) │ └[+] type TaskContainerProperties │ ├ name: TaskContainerProperties │ └ properties │ ├RepositoryCredentials: RepositoryCredentials │ ├User: string │ ├Secrets: Array<Secret> │ ├Privileged: boolean │ ├LinuxParameters: LinuxParameters │ ├ReadonlyRootFilesystem: boolean │ ├Image: string (required) │ ├LogConfiguration: LogConfiguration │ ├Essential: boolean │ ├ResourceRequirements: Array<ResourceRequirement> │ ├Name: string │ ├MountPoints: Array<MountPoints> │ ├DependsOn: Array<TaskContainerDependency> │ ├Command: Array<string> │ ├Environment: Array<Environment> │ └Ulimits: Array<Ulimit> ├[~] service aws-cloudfront │ └ resources │ └[~] resource AWS::CloudFront::Distribution │ └ types │ └[~] type DistributionConfig │ └ properties │ └ HttpVersion: (documentation changed) ├[~] service aws-cloudwatch │ └ resources │ └[~] resource AWS::CloudWatch::Alarm │ └ properties │ └ ComparisonOperator: (documentation changed) ├[~] service aws-codebuild │ └ resources │ └[~] resource AWS::CodeBuild::Project │ └ types │ └[~] type WebhookFilter │ └ properties │ └ Type: (documentation changed) ├[~] service aws-cognito │ └ resources │ └[~] resource AWS::Cognito::UserPool │ └ types │ ├[~] type NumberAttributeConstraints │ │ └ properties │ │ └ MaxValue: (documentation changed) │ └[~] type StringAttributeConstraints │ └ properties │ └ MaxLength: (documentation changed) ├[~] service aws-controltower │ └ resources │ └[~] resource AWS::ControlTower::LandingZone │ └ properties │ └ Manifest: (documentation changed) ├[~] service aws-ec2 │ └ resources │ ├[~] resource AWS::EC2::EC2Fleet │ │ └ types │ │ └[~] type InstanceRequirementsRequest │ │ └ properties │ │ ├ MaxSpotPriceAsPercentageOfOptimalOnDemandPrice: (documentation changed) │ │ └ SpotMaxPricePercentageOverLowestPrice: (documentation changed) │ ├[~] resource AWS::EC2::LaunchTemplate │ │ └ types │ │ ├[~] type Ebs │ │ │ └ properties │ │ │ └ VolumeType: (documentation changed) │ │ └[~] type InstanceRequirements │ │ └ properties │ │ ├ MaxSpotPriceAsPercentageOfOptimalOnDemandPrice: (documentation changed) │ │ └ SpotMaxPricePercentageOverLowestPrice: (documentation changed) │ ├[~] resource AWS::EC2::SecurityGroup │ │ ├ attributes │ │ │ └ Id: (documentation changed) │ │ └ types │ │ └[~] type Egress │ │ └ properties │ │ └[+] SourceSecurityGroupId: string │ ├[~] resource AWS::EC2::SnapshotBlockPublicAccess │ │ └ - documentation: Specifies the state of the *block public access for snapshots* setting for the Region. For more information, see [Block public access for snapshots](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/block-public-access-snapshots.html) . │ │ + documentation: Specifies the state of the *block public access for snapshots* setting for the Region. For more information, see [Block public access for snapshots](https://docs.aws.amazon.com/ebs/latest/userguide/block-public-access-snapshots.html) . │ ├[~] resource AWS::EC2::SpotFleet │ │ └ types │ │ ├[~] type EbsBlockDevice │ │ │ └ properties │ │ │ └ VolumeType: (documentation changed) │ │ ├[~] type InstanceRequirementsRequest │ │ │ └ properties │ │ │ ├ MaxSpotPriceAsPercentageOfOptimalOnDemandPrice: (documentation changed) │ │ │ └ SpotMaxPricePercentageOverLowestPrice: (documentation changed) │ │ └[~] type LaunchTemplateOverrides │ │ └ properties │ │ └ WeightedCapacity: (documentation changed) │ ├[~] resource AWS::EC2::Volume │ │ ├ - documentation: Specifies an Amazon Elastic Block Store (Amazon EBS) volume. │ │ │ When you use AWS CloudFormation to update an Amazon EBS volume that modifies `Iops` , `Size` , or `VolumeType` , there is a cooldown period before another operation can occur. This can cause your stack to report being in `UPDATE_IN_PROGRESS` or `UPDATE_ROLLBACK_IN_PROGRESS` for long periods of time. │ │ │ Amazon EBS does not support sizing down an Amazon EBS volume. AWS CloudFormation does not attempt to modify an Amazon EBS volume to a smaller size on rollback. │ │ │ Some common scenarios when you might encounter a cooldown period for Amazon EBS include: │ │ │ - You successfully update an Amazon EBS volume and the update succeeds. When you attempt another update within the cooldown window, that update will be subject to a cooldown period. │ │ │ - You successfully update an Amazon EBS volume and the update succeeds but another change in your `update-stack` call fails. The rollback will be subject to a cooldown period. │ │ │ For more information on the cooldown period, see [Requirements when modifying volumes](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/modify-volume-requirements.html) . │ │ │ *DeletionPolicy attribute* │ │ │ To control how AWS CloudFormation handles the volume when the stack is deleted, set a deletion policy for your volume. You can choose to retain the volume, to delete the volume, or to create a snapshot of the volume. For more information, see [DeletionPolicy attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html) . │ │ │ > If you set a deletion policy that creates a snapshot, all tags on the volume are included in the snapshot. │ │ │ + documentation: Specifies an Amazon Elastic Block Store (Amazon EBS) volume. │ │ │ When you use AWS CloudFormation to update an Amazon EBS volume that modifies `Iops` , `Size` , or `VolumeType` , there is a cooldown period before another operation can occur. This can cause your stack to report being in `UPDATE_IN_PROGRESS` or `UPDATE_ROLLBACK_IN_PROGRESS` for long periods of time. │ │ │ Amazon EBS does not support sizing down an Amazon EBS volume. AWS CloudFormation does not attempt to modify an Amazon EBS volume to a smaller size on rollback. │ │ │ Some common scenarios when you might encounter a cooldown period for Amazon EBS include: │ │ │ - You successfully update an Amazon EBS volume and the update succeeds. When you attempt another update within the cooldown window, that update will be subject to a cooldown period. │ │ │ - You successfully update an Amazon EBS volume and the update succeeds but another change in your `update-stack` call fails. The rollback will be subject to a cooldown period. │ │ │ For more information, see [Requirements for EBS volume modifications](https://docs.aws.amazon.com/ebs/latest/userguide/modify-volume-requirements.html) . │ │ │ *DeletionPolicy attribute* │ │ │ To control how AWS CloudFormation handles the volume when the stack is deleted, set a deletion policy for your volume. You can choose to retain the volume, to delete the volume, or to create a snapshot of the volume. For more information, see [DeletionPolicy attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html) . │ │ │ > If you set a deletion policy that creates a snapshot, all tags on the volume are included in the snapshot. │ │ └ properties │ │ ├ Encrypted: (documentation changed) │ │ └ VolumeType: (documentation changed) │ └[~] resource AWS::EC2::VPCCidrBlock │ └ attributes │ └ Id: (documentation changed) ├[~] service aws-ecs │ └ resources │ ├[~] resource AWS::ECS::ClusterCapacityProviderAssociations │ │ └ types │ │ └[~] type CapacityProviderStrategy │ │ └ properties │ │ └ Weight: (documentation changed) │ ├[~] resource AWS::ECS::Service │ │ └ types │ │ ├[~] type DeploymentConfiguration │ │ │ └ - documentation: The `DeploymentConfiguration` property specifies optional deployment parameters that control how many tasks run during the deployment and the ordering of stopping and starting tasks. │ │ │ + documentation: Optional deployment parameters that control how many tasks run during a deployment and the ordering of stopping and starting tasks. │ │ ├[~] type NetworkConfiguration │ │ │ └ - documentation: The `NetworkConfiguration` property specifies an object representing the network configuration for a task or service. │ │ │ + documentation: The network configuration for a task or service. │ │ ├[~] type PlacementConstraint │ │ │ └ - documentation: The `PlacementConstraint` property specifies an object representing a constraint on task placement in the task definition. For more information, see [Task Placement Constraints](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-placement-constraints.html) in the *Amazon Elastic Container Service Developer Guide* . │ │ │ + documentation: An object representing a constraint on task placement. For more information, see [Task placement constraints](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-placement-constraints.html) in the *Amazon Elastic Container Service Developer Guide* . │ │ │ > If you're using the Fargate launch type, task placement constraints aren't supported. │ │ ├[~] type PlacementStrategy │ │ │ ├ - documentation: The `PlacementStrategy` property specifies the task placement strategy for a task or service. For more information, see [Task Placement Strategies](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-placement-strategies.html) in the *Amazon Elastic Container Service Developer Guide* . │ │ │ │ + documentation: The task placement strategy for a task or service. For more information, see [Task placement strategies](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-placement-strategies.html) in the *Amazon Elastic Container Service Developer Guide* . │ │ │ └ properties │ │ │ └ Field: (documentation changed) │ │ └[~] type ServiceRegistry │ │ └ - documentation: The `ServiceRegistry` property specifies details of the service registry. For more information, see [Service Discovery](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-discovery.html) in the *Amazon Elastic Container Service Developer Guide* . │ │ + documentation: The details for the service registry. │ │ Each service may be associated with one service registry. Multiple service registries for each service are not supported. │ │ When you add, update, or remove the service registries configuration, Amazon ECS starts a new deployment. New tasks are registered and deregistered to the updated service registry configuration. │ └[~] resource AWS::ECS::TaskDefinition │ └ types │ └[~] type EnvironmentFile │ ├ - documentation: A list of files containing the environment variables to pass to a container. You can specify up to ten environment files. The file must have a `.env` file extension. Each line in an environment file should contain an environment variable in `VARIABLE=VALUE` format. Lines beginning with `#` are treated as comments and are ignored. │ │ If there are environment variables specified using the `environment` parameter in a container definition, they take precedence over the variables contained within an environment file. If multiple environment files are specified that contain the same variable, they're processed from the top down. We recommend that you use unique variable names. For more information, see [Specifying environment variables](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/taskdef-envfiles.html) in the *Amazon Elastic Container Service Developer Guide* . │ │ You must use the following platforms for the Fargate launch type: │ │ - Linux platform version `1.4.0` or later. │ │ - Windows platform version `1.0.0` or later. │ │ Consider the following when using the Fargate launch type: │ │ - The file is handled like a native Docker env-file. │ │ - There is no support for shell escape handling. │ │ - The container entry point interperts the `VARIABLE` values. │ │ + documentation: A list of files containing the environment variables to pass to a container. You can specify up to ten environment files. The file must have a `.env` file extension. Each line in an environment file should contain an environment variable in `VARIABLE=VALUE` format. Lines beginning with `#` are treated as comments and are ignored. │ │ If there are environment variables specified using the `environment` parameter in a container definition, they take precedence over the variables contained within an environment file. If multiple environment files are specified that contain the same variable, they're processed from the top down. We recommend that you use unique variable names. For more information, see [Use a file to pass environment variables to a container](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/use-environment-file.html) in the *Amazon Elastic Container Service Developer Guide* . │ │ Environment variable files are objects in Amazon S3 and all Amazon S3 security considerations apply. │ │ You must use the following platforms for the Fargate launch type: │ │ - Linux platform version `1.4.0` or later. │ │ - Windows platform version `1.0.0` or later. │ │ Consider the following when using the Fargate launch type: │ │ - The file is handled like a native Docker env-file. │ │ - There is no support for shell escape handling. │ │ - The container entry point interperts the `VARIABLE` values. │ └ properties │ └ Type: (documentation changed) ├[~] service aws-elasticloadbalancing │ └ resources │ └[~] resource AWS::ElasticLoadBalancing::LoadBalancer │ ├ - documentation: Specifies a Classic Load Balancer. │ │ You can specify the `AvailabilityZones` or `Subnets` property, but not both. │ │ If this resource has a public IP address and is also in a VPC that is defined in the same template, you must use the [DependsOn attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) to declare a dependency on the VPC-gateway attachment. │ │ + documentation: Specifies a Classic Load Balancer. │ │ If this resource has a public IP address and is also in a VPC that is defined in the same template, you must use the [DependsOn attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) to declare a dependency on the VPC-gateway attachment. │ └ properties │ └ AvailabilityZones: (documentation changed) ├[~] service aws-elasticloadbalancingv2 │ └ resources │ └[~] resource AWS::ElasticLoadBalancingV2::Listener │ └ properties │ └ SslPolicy: (documentation changed) ├[~] service aws-emr │ └ resources │ └[~] resource AWS::EMR::Cluster │ ├ properties │ │ └ Name: (documentation changed) │ └ types │ └[~] type JobFlowInstancesConfig │ └ properties │ └ UnhealthyNodeReplacement: (documentation changed) ├[~] service aws-fsx │ └ resources │ └[~] resource AWS::FSx::FileSystem │ └ types │ ├[~] type DiskIopsConfiguration │ │ └ properties │ │ └ Mode: (documentation changed) │ └[~] type OntapConfiguration │ └ properties │ ├ HAPairs: (documentation changed) │ └ ThroughputCapacityPerHAPair: (documentation changed) ├[~] service aws-iotsitewise │ └ resources │ ├[~] resource AWS::IoTSiteWise::AccessPolicy │ │ ├ properties │ │ │ └ AccessPolicyPermission: (documentation changed) │ │ └ types │ │ ├[~] type AccessPolicyIdentity │ │ │ └ properties │ │ │ └ User: (documentation changed) │ │ ├[~] type AccessPolicyResource │ │ │ └ properties │ │ │ ├ Portal: (documentation changed) │ │ │ └ Project: (documentation changed) │ │ ├[~] type Portal │ │ │ └ - documentation: The `Portal` property type specifies the AWS IoT SiteWise Monitor portal for an [AWS::IoTSiteWise::AccessPolicy](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iotsitewise-accesspolicy.html) . │ │ │ + documentation: Identifies an AWS IoT SiteWise Monitor portal. │ │ ├[~] type Project │ │ │ └ - documentation: The `Project` property type specifies the AWS IoT SiteWise Monitor project for an [AWS::IoTSiteWise::AccessPolicy](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iotsitewise-accesspolicy.html) . │ │ │ + documentation: Identifies a specific AWS IoT SiteWise Monitor project. │ │ └[~] type User │ │ ├ - documentation: The `User` property type specifies the AWS IoT SiteWise Monitor user for an [AWS::IoTSiteWise::AccessPolicy](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iotsitewise-accesspolicy.html) . │ │ │ + documentation: Contains information for a user identity in an access policy. │ │ └ properties │ │ └ id: (documentation changed) │ ├[~] resource AWS::IoTSiteWise::Asset │ │ ├ properties │ │ │ ├ AssetDescription: (documentation changed) │ │ │ ├ AssetHierarchies: (documentation changed) │ │ │ └ AssetName: (documentation changed) │ │ └ types │ │ ├[~] type AssetHierarchy │ │ │ ├ - documentation: Describes an asset hierarchy that contains a `childAssetId` and `hierarchyLogicalId` . │ │ │ │ + documentation: Describes an asset hierarchy that contains a hierarchy's name and ID. │ │ │ └ properties │ │ │ └ LogicalId: (documentation changed) │ │ └[~] type AssetProperty │ │ └ properties │ │ ├ Alias: (documentation changed) │ │ ├ LogicalId: (documentation changed) │ │ └ NotificationState: (documentation changed) │ ├[~] resource AWS::IoTSiteWise::AssetModel │ │ ├ - documentation: Creates an asset model from specified property and hierarchy definitions. You create assets from asset models. With asset models, you can easily create assets of the same type that have standardized definitions. Each asset created from a model inherits the asset model's property and hierarchy definitions. For more information, see [Defining asset models](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/define-models.html) in the *AWS IoT SiteWise User Guide* . │ │ │ + documentation: Creates an asset model from specified property and hierarchy definitions. You create assets from asset models. With asset models, you can easily create assets of the same type that have standardized definitions. Each asset created from a model inherits the asset model's property and hierarchy definitions. For more information, see [Defining asset models](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/define-models.html) in the *AWS IoT SiteWise User Guide* . │ │ │ You can create two types of asset models, `ASSET_MODEL` or `COMPONENT_MODEL` . │ │ │ - *ASSET_MODEL* – (default) An asset model that you can use to create assets. Can't be included as a component in another asset model. │ │ │ - *COMPONENT_MODEL* – A reusable component that you can include in the composite models of other asset models. You can't create assets directly from this type of asset model. │ │ ├ properties │ │ │ ├ AssetModelCompositeModels: (documentation changed) │ │ │ ├ AssetModelHierarchies: (documentation changed) │ │ │ ├ AssetModelName: (documentation changed) │ │ │ └ AssetModelProperties: (documentation changed) │ │ └ types │ │ ├[~] type AssetModelCompositeModel │ │ │ └ - documentation: Contains information about a composite model in an asset model. This object contains the asset property definitions that you define in the composite model. You can use composite asset models to define alarms on this asset model. │ │ │ If you use the `AssetModelCompositeModel` property to create an alarm, you must use the following information to define three asset model properties: │ │ │ - Use an asset model property to specify the alarm type. │ │ │ - The name must be `AWS/ALARM_TYPE` . │ │ │ - The data type must be `STRING` . │ │ │ - For the `Type` property, the type name must be `Attribute` and the default value must be `IOT_EVENTS` . │ │ │ - Use an asset model property to specify the alarm source. │ │ │ - The name must be `AWS/ALARM_SOURCE` . │ │ │ - The data type must be `STRING` . │ │ │ - For the `Type` property, the type name must be `Attribute` and the default value must be the ARN of the alarm model that you created in AWS IoT Events . │ │ │ > For the ARN of the alarm model, you can use the `Fn::Sub` intrinsic function to substitute the `AWS::Partition` , `AWS::Region` , and `AWS::AccountId` variables in an input string with values that you specify. │ │ │ > │ │ │ > For example, `Fn::Sub: "arn:${AWS::Partition}:iotevents:${AWS::Region}:${AWS::AccountId}:alarmModel/TestAlarmModel"` . │ │ │ > │ │ │ > Replace `TestAlarmModel` with the name of your alarm model. │ │ │ > │ │ │ > For more information about using the `Fn::Sub` intrinsic function, see [Fn::Sub](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-sub.html) . │ │ │ - Use an asset model property to specify the state of the alarm. │ │ │ - The name must be `AWS/ALARM_STATE` . │ │ │ - The data type must be `STRUCT` . │ │ │ - The `DataTypeSpec` value must be `AWS/ALARM_STATE` . │ │ │ - For the `Type` property, the type name must be `Measurement` . │ │ │ At the bottom of this page, we provide a YAML example that you can modify to create an alarm. │ │ │ + documentation: Contains information about a composite model in an asset model. This object contains the asset property definitions that you define in the composite model. │ │ ├[~] type AssetModelHierarchy │ │ │ ├ - documentation: Describes an asset hierarchy that contains a hierarchy's name, `LogicalID` , and child asset model ID that specifies the type of asset that can be in this hierarchy. │ │ │ │ + documentation: Describes an asset hierarchy that contains a hierarchy's name, ID, and child asset model ID that specifies the type of asset that can be in this hierarchy. │ │ │ └ properties │ │ │ ├ ChildAssetModelId: (documentation changed) │ │ │ ├ LogicalId: (documentation changed) │ │ │ └ Name: (documentation changed) │ │ ├[~] type AssetModelProperty │ │ │ └ properties │ │ │ ├ DataType: (documentation changed) │ │ │ ├ LogicalId: (documentation changed) │ │ │ ├ Name: (documentation changed) │ │ │ └ Type: (documentation changed) │ │ ├[~] type Attribute │ │ │ └ - documentation: Contains an asset attribute property. For more information, see [Defining data properties](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/asset-properties.html#attributes) in the *AWS IoT SiteWise User Guide* . │ │ │ + documentation: Contains an asset attribute property. For more information, see [Attributes](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/asset-properties.html#attributes) in the *AWS IoT SiteWise User Guide* . │ │ ├[~] type ExpressionVariable │ │ │ └ properties │ │ │ └ Name: (documentation changed) │ │ ├[~] type Metric │ │ │ └ - documentation: Contains an asset metric property. With metrics, you can calculate aggregate functions, such as an average, maximum, or minimum, as specified through an expression. A metric maps several values to a single value (such as a sum). │ │ │ The maximum number of dependent/cascading variables used in any one metric calculation is 10. Therefore, a *root* metric can have up to 10 cascading metrics in its computational dependency tree. Additionally, a metric can only have a data type of `DOUBLE` and consume properties with data types of `INTEGER` or `DOUBLE` . │ │ │ For more information, see [Defining data properties](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/asset-properties.html#metrics) in the *AWS IoT SiteWise User Guide* . │ │ │ + documentation: Contains an asset metric property. With metrics, you can calculate aggregate functions, such as an average, maximum, or minimum, as specified through an expression. A metric maps several values to a single value (such as a sum). │ │ │ The maximum number of dependent/cascading variables used in any one metric calculation is 10. Therefore, a *root* metric can have up to 10 cascading metrics in its computational dependency tree. Additionally, a metric can only have a data type of `DOUBLE` and consume properties with data types of `INTEGER` or `DOUBLE` . │ │ │ For more information, see [Metrics](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/asset-properties.html#metrics) in the *AWS IoT SiteWise User Guide* . │ │ ├[~] type PropertyType │ │ │ ├ - documentation: Contains a property type, which can be one of `Attribute` , `Measurement` , `Metric` , or `Transform` . │ │ │ │ + documentation: Contains a property type, which can be one of `attribute` , `measurement` , `metric` , or `transform` . │ │ │ └ properties │ │ │ ├ Attribute: (documentation changed) │ │ │ ├ Metric: (documentation changed) │ │ │ └ Transform: (documentation changed) │ │ ├[~] type Transform │ │ │ └ - documentation: Contains an asset transform property. A transform is a one-to-one mapping of a property's data points from one form to another. For example, you can use a transform to convert a Celsius data stream to Fahrenheit by applying the transformation expression to each data point of the Celsius stream. Transforms can only input properties that are `INTEGER` , `DOUBLE` , or `BOOLEAN` type. Booleans convert to `0` ( `FALSE` ) and `1` ( `TRUE` ).. │ │ │ For more information, see [Defining data properties](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/asset-properties.html#transforms) in the *AWS IoT SiteWise User Guide* . │ │ │ + documentation: Contains an asset transform property. A transform is a one-to-one mapping of a property's data points from one form to another. For example, you can use a transform to convert a Celsius data stream to Fahrenheit by applying the transformation expression to each data point of the Celsius stream. A transform can only have a data type of `DOUBLE` and consume properties with data types of `INTEGER` or `DOUBLE` . │ │ │ For more information, see [Transforms](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/asset-properties.html#transforms) in the *AWS IoT SiteWise User Guide* . │ │ └[~] type VariableValue │ │ └ properties │ │ ├ HierarchyLogicalId: (documentation changed) │ │ └ PropertyLogicalId: (documentation changed) │ ├[~] resource AWS::IoTSiteWise::Gateway │ │ ├ properties │ │ │ └ GatewayName: (documentation changed) │ │ └ types │ │ ├[~] type GatewayCapabilitySummary │ │ │ └ properties │ │ │ └ CapabilityNamespace: (documentation changed) │ │ └[~] type Greengrass │ │ └ properties │ │ └ GroupArn: (documentation changed) │ └[~] resource AWS::IoTSiteWise::Portal │ ├ - documentation: Creates a portal, which can contain projects and dashboards. Before you can create a portal, you must enable IAM Identity Center . AWS IoT SiteWise Monitor uses IAM Identity Center to manage user permissions. For more information, see [Enabling IAM Identity Center](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/monitor-get-started.html#mon-gs-sso) in the *AWS IoT SiteWise User Guide* . │ │ > Before you can sign in to a new portal, you must add at least one IAM Identity Center user or group to that portal. For more information, see [Adding or removing portal administrators](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/administer-portals.html#portal-change-admins) in the *AWS IoT SiteWise User Guide* . │ │ + documentation: Creates a portal, which can contain projects and dashboards. AWS IoT SiteWise Monitor uses IAM Identity Center or IAM to authenticate portal users and manage user permissions. │ │ > Before you can sign in to a new portal, you must add at least one identity to that portal. For more information, see [Adding or removing portal administrators](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/administer-portals.html#portal-change-admins) in the *AWS IoT SiteWise User Guide* . │ └ properties │ └ PortalAuthMode: (documentation changed) ├[~] service aws-iotwireless │ └ resources │ ├[~] resource AWS::IoTWireless::WirelessDevice │ │ └ properties │ │ └ Positioning: (documentation changed) │ └[~] resource AWS::IoTWireless::WirelessDeviceImportTask │ └ attributes │ └ Sidewalk.DeviceCreationFileList: (documentation changed) ├[~] service aws-kendra │ └ resources │ └[~] resource AWS::Kendra::DataSource │ └ types │ └[~] type S3DataSourceConfiguration │ └ properties │ ├ ExclusionPatterns: (documentation changed) │ └ InclusionPatterns: (documentation changed) ├[~] service aws-lambda │ └ resources │ ├[~] resource AWS::Lambda::Alias │ │ └ properties │ │ └ FunctionName: (documentation changed) │ ├[~] resource AWS::Lambda::EventSourceMapping │ │ └ properties │ │ └ FunctionName: (documentation changed) │ ├[~] resource AWS::Lambda::Permission │ │ └ properties │ │ └ FunctionName: (documentation changed) │ └[~] resource AWS::Lambda::Version │ └ properties │ └ FunctionName: (documentation changed) ├[~] service aws-rds │ └ resources │ ├[~] resource AWS::RDS::DBCluster │ │ ├ properties │ │ │ ├ EnableHttpEndpoint: (documentation changed) │ │ │ └ StorageType: (documentation changed) │ │ └ attributes │ │ └[+] StorageThroughput: integer │ └[~] resource AWS::RDS::DBInstance │ └ properties │ ├ DBInstanceClass: (documentation changed) │ └ StorageType: (documentation changed) ├[~] service aws-redshift │ └ resources │ └[~] resource AWS::Redshift::Cluster │ └ properties │ └ Port: (documentation changed) ├[~] service aws-redshiftserverless │ └ resources │ └[~] resource AWS::RedshiftServerless::Namespace │ ├ properties │ │ └[-] SnapshotCopyConfigurations: Array<SnapshotCopyConfiguration> │ └ types │ └[-] type SnapshotCopyConfiguration │ ├ name: SnapshotCopyConfiguration │ └ properties │ ├DestinationRegion: string (required) │ ├DestinationKmsKeyId: string │ └SnapshotRetentionPeriod: integer ├[~] service aws-sagemaker │ └ resources │ ├[~] resource AWS::SageMaker::EndpointConfig │ │ └ types │ │ └[~] type ServerlessConfig │ │ └ properties │ │ └ ProvisionedConcurrency: (documentation changed) │ ├[~] resource AWS::SageMaker::FeatureGroup │ │ └ types │ │ ├[~] type FeatureDefinition │ │ │ └ properties │ │ │ └ FeatureName: (documentation changed) │ │ └[~] type S3StorageConfig │ │ └ - documentation: The Amazon Simple Storage (Amazon S3) location and and security configuration for `OfflineStore` . │ │ + documentation: The Amazon Simple Storage (Amazon S3) location and security configuration for `OfflineStore` . │ └[~] resource AWS::SageMaker::InferenceExperiment │ └ attributes │ ├ Arn: (documentation changed) │ ├ CreationTime: (documentation changed) │ └ Status: (documentation changed) ├[~] service aws-shield │ └ resources │ ├[~] resource AWS::Shield::DRTAccess │ │ └ properties │ │ └ RoleArn: (documentation changed) │ └[~] resource AWS::Shield::ProtectionGroup │ └ properties │ └ Aggregation: (documentation changed) ├[~] service aws-ssm │ └ resources │ ├[~] resource AWS::SSM::Association │ │ └ properties │ │ └ Targets: (documentation changed) │ └[~] resource AWS::SSM::Parameter │ └ properties │ └ Type: (documentation changed) └[~] service aws-wafv2 └ resources ├[~] resource AWS::WAFv2::RuleGroup │ └ types │ ├[~] type FieldToMatch │ │ └ properties │ │ └[+] JA3Fingerprint: JA3Fingerprint │ ├[+] type JA3Fingerprint │ │ ├ documentation: Match against the request's JA3 fingerprint. The JA3 fingerprint is a 32-character hash derived from the TLS Client Hello of an incoming request. This fingerprint serves as a unique identifier for the client's TLS configuration. AWS WAF calculates and logs this fingerprint for each request that has enough TLS Client Hello information for the calculation. Almost all web requests include this information. │ │ │ > You can use this choice only with a string match `ByteMatchStatement` with the `PositionalConstraint` set to `EXACTLY` . │ │ │ You can obtain the JA3 fingerprint for client requests from the web ACL logs. If AWS WAF is able to calculate the fingerprint, it includes it in the logs. For information about the logging fields, see [Log fields](https://docs.aws.amazon.com/waf/latest/developerguide/logging-fields.html) in the *AWS WAF Developer Guide* . │ │ │ Provide the JA3 fingerprint string from the logs in your string match statement specification, to match with any future requests that have the same TLS configuration. │ │ │ name: JA3Fingerprint │ │ └ properties │ │ └FallbackBehavior: string (required) │ └[~] type RateBasedStatement │ └ properties │ └[+] EvaluationWindowSec: integer └[~] resource AWS::WAFv2::WebACL └ types ├[~] type FieldToMatch │ └ properties │ └[+] JA3Fingerprint: JA3Fingerprint ├[+] type JA3Fingerprint │ ├ documentation: Match against the request's JA3 fingerprint. The JA3 fingerprint is a 32-character hash derived from the TLS Client Hello of an incoming request. This fingerprint serves as a unique identifier for the client's TLS configuration. AWS WAF calculates and logs this fingerprint for each request that has enough TLS Client Hello information for the calculation. Almost all web requests include this information. │ │ > You can use this choice only with a string match `ByteMatchStatement` with the `PositionalConstraint` set to `EXACTLY` . │ │ You can obtain the JA3 fingerprint for client requests from the web ACL logs. If AWS WAF is able to calculate the fingerprint, it includes it in the logs. For information about the logging fields, see [Log fields](https://docs.aws.amazon.com/waf/latest/developerguide/logging-fields.html) in the *AWS WAF Developer Guide* . │ │ Provide the JA3 fingerprint string from the logs in your string match statement specification, to match with any future requests that have the same TLS configuration. │ │ name: JA3Fingerprint │ └ properties │ └FallbackBehavior: string (required) └[~] type RateBasedStatement └ properties └[+] EvaluationWindowSec: integer ```

### Issue # (if applicable) Closes #29360, closes #23810 **Note**: #29421 already adds some of the missing Oracle versions, this PR also includes them ### Reason for this change Update the CDK RDS engine versions to match the current availability, as well as facilitate automated alerts for updates in the future ### Description of changes * Added missing engine version for all RDS engines * This includes engines missing in the CDK that are already deprecated, but still returned by the SDK. The goal is to remove any differences between the two, even if it means a few needless static fields * Updated missing or un-needed `@deprecated` TSDoc tags ### Description of how you validated changes Like I mentioned in #29360 (comment), I'm working on a CLI that compares the `aws-cdk-lib` TypeScript declarations to SDK API calls, in this case `DescribeDBEngineVersions`. I am re-validating these locally edited files as I update them, until I have no differences between the CDK and the live SDK results. This is currently a mostly manual process. I'll add support for more version fields such as `ec2.WindowsVersion` before adding automation, to bridge the other currently missing versions ASAP. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

### Issue # (if applicable) Closes #23854 ### Reason for this change Update the CDK EC2 instance class and size enums to match the current availability ### Description of changes Added the missing instance class and sizes ### Description of how you validated changes This was generated with the help of the same tool I used to create #29422, using the live SDK data to match against the CDK. For the instance types, I am using the `DescribeInstanceTypes` API command in multiple regions (`us-east-1`, `us-east-2`, `us-west-1`, `eu-west-1`.) As far as I could tell, the union of `us-east-1` and `us-east-2` cover all possible instance classes and sizes, but correct me if I'm wrong. As a sanity check, I'm also checking that the CDK does not have more instance types and sizes that the SDK does. It does vary between regions, but of note, there were: * `p4de`, in developer preview * `x2g`, RDS exclusive and not returned by `DescribeInstanceTypes` Finally, I am ignoring some of the previous generation instance classes missing from the CDK, as they are very outdated and weren't added in first place, i.e. `c1`, `t1`, `m1`, `m2`, and `i2`. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

### Issue Closes #24188. ### Reason for this change AWS Step Functions supports the ability to start a Glue Crawler as a task within a state machine. However, this is not configurable. ### Description of changes I've implemented `GlueStartCrawlerRun` class in stepfunctions-tasks and we can create start crawler task easily: ```ts const task = new GlueStartCrawlerRun(stack, 'Task', { crawlerName: 'glue-crawler-name', }); ``` ### Description of how you validated changes I've added both unit and integ tests. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --------- Co-authored-by: Luca Pizzini <lpizzini7@gmail.com> Co-authored-by: GZ <yuanhaoz@amazon.com>

### Issue # (if applicable) Closes #<issue number here>. ### Reason for this change Generate weekly version of the [PR/issues metrics](#28952). ### Description of changes Add new workflow that runs weekly on Mondays @ 9 AM to generate a PR/Issue metrics report for the past week (Monday - Sunday). ### Description of how you validated changes ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

…9447) ### Issue # (if applicable) Closes #29420 ### Reason for this change The `cdk list` functionality displays the stacks . For instance ``` > cdk ls producer consumer ``` With the latest changes for list stack dependencies we did add a new flag `-d` to show the dependencies. The dependencies between stacks can be established in 2 ways: 1. Using the resource defined from one stack in another. 2. Using `addDependency()` to add dependency among stacks. Current we are fetching the dependency details through the `CloudStackArtifact`. * Establishing the dependency between stacks through the first method would have the same `displayName` and `id` for the stacks. Using the `-d` flag to display dependencies - ``` ❯ cdk list --show-dependencies - id: producer dependencies: [] - id: consumer dependencies: - id: producer dependencies: [] ``` * Establishing the dependency through `addDependency()` will create a different `displayName` and `id`. In such a case when a user runs `cdk ls` we would want to show the `displayName` and if not present then use the `id` For instance: ``` > cdk ls producer producer/consumer ``` With the `-d` flag we would want to display something like: ``` > cdk ls -d - id: producer dependencies: [] - id: producer/consumer dependencies: - id: producer dependencies: [] ``` With our previous change we didn't consider `displayName` and just fetched `id`s which changes the previous functionality and caused a regression. ### Description of changes With the new changes we are looking out for `displayName` first and if it does not exist we fetch the `id`. ### Description of how you validated changes Added a new unit test and updated integ tests. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

See [CHANGELOG](https://github.com/aws/aws-cdk/blob/merge-back/2.132.1/CHANGELOG.md)

…29403) ### Issue # (if applicable) Closes #29274 ### Reason for this change CDK users were unable to specify their retry strategy if it was specified inline in their ASL state machine definition ### Description of changes Checks if the state definition has an inline retry policy defined. If it does, add it to the existing strategy defined using `addRetry` (if there is one defined, this is where it was failing before) ### Description of how you validated changes Added unit and integration tests ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

… flag) (#29096) ### Reason for this change We discussed about the default pipeline type, it was concluded that the new type (V2) should be the default. #28538 (comment) https://github.com/aws/aws-cdk/blob/main/packages/aws-cdk-lib/aws-codepipeline/lib/pipeline.ts#L492 ### Description of changes Change the default value using a feature flag so as not to affect existing processing. ### Description of how you validated changes Bot unit and integ tests ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

…argateService` (#29431) ### Issue # (if applicable) Closes #29430 (related to #29186 (comment)) ### Reason for this change We can't specify `securityGroups` in `NetworkLoadBalancedFargateService` now. ### Description of changes - Add `securityGroups` property to `NetworkLoadBalancedFargateServiceProps`. - Add unit test - Add integ test ### Description of how you validated changes - Pass unit test - Pass integ test ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

### Issue # (if applicable) Could not find any in the backlog ### Reason for this change Update the CDK listed Kafka versions to match the current availability, as well as add missing deprecated versions ### Description of changes * Added latest version * `3.6.0` also supports tiered storage, see [docs](https://docs.aws.amazon.com/msk/latest/developerguide/msk-tiered-storage.html#msk-tiered-storage-requirements). I replaced the prefix check with a list of supported versions, as I'm not sure if say every reason after 3.6.0 will support it, and the `.tiered` prefix isn't consistently applied anymore * Added two unlisted, deprecated versions, as they are still returned by the SDK. The goal is to remove any differences between the SDK and the CDK to ease future automation ### Description of how you validated changes I compared the current CDK versions to live SDK data, using the `kafka:ListKafkaVersions` API results. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --------- Co-authored-by: GZ <yuanhaoz@amazon.com>

### Issue # (if applicable) ### Reason for this change The existing nested stack diff places a fake property, `NestedTemplate`, in the templates to be diffed. This prevents displaying resource replacement information in the diff, like we do for top level stacks. This PR does *not* add changeset replacement information from changesets, but it does add replacement information from the spec. ### Description of changes Reworked nested stack diff to treat nested stacks as top level stacks. This improves the visual UX and sets us up for using changesets with nested stacks. #### Before <img width="957" alt="Screenshot 2024-02-19 at 1 47 59 PM" src="https://github.com/aws/aws-cdk/assets/66279577/a94275c4-e7c3-4d2c-a924-ee61c36bea4d"> #### After <img width="957" alt="Screenshot 2024-02-19 at 1 48 48 PM" src="https://github.com/aws/aws-cdk/assets/66279577/5263aaf9-ef2f-4228-b413-81e780c4b8f8"> ### Description of how you validated changes Unit tests + manual tests. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

MariaDB is grouped with MySQL, hence adding `MYSQL` as the engine family for MariaDB. <img width="749" alt="Screenshot 2024-03-08 at 12 02 36 PM" src="https://github.com/aws/aws-cdk/assets/3310356/382d5561-6115-4bc1-a7e7-fb4deda57c73"> Closes #29402. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

reverts #29394, which prevented changeset creation during `cdk diff` if a stack did not exist. The lookup of the stack to check its existence is failing for customers that have CI/CD that won't assume the deploy role when running CDK diff. Long-term fix: delete the stack if it didn't exist before we created the changeset, but wait for its state to reach `DELETE_COMPLETE` to avoid problems with subsequent commands. Preserves changes from #29172 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(release): 2.133.0 #29491

chore(release): 2.133.0 #29491

Commits on Mar 8, 2024

Commits on Mar 9, 2024

Commits on Mar 11, 2024

Commits on Mar 12, 2024

Commits on Mar 13, 2024

Commits on Mar 14, 2024