Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(release): 2.165.0 #31966

Merged
merged 62 commits into from
Oct 31, 2024
Merged

chore(release): 2.165.0 #31966

merged 62 commits into from
Oct 31, 2024

Conversation

aws-cdk-automation
Copy link
Collaborator

@aws-cdk-automation aws-cdk-automation commented Oct 31, 2024

See CHANGELOG

shikha372 and others added 30 commits October 15, 2024 18:14
…get (#31872)

### Issue # (if applicable)

None.

### Reason for this change

Missing this test case.

### Description of changes

Adding a unit test to verify `Schedule` works with Lambda Version and correct permissions are added. 

### Description of how you validated changes

Unit test.

### Checklist
- [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
#31873)

### Issue # (if applicable)

None

### Reason for this change

Missing this test case.

### Description of changes

Adding a unit test to verify `Schedule` works with Lambda Alias and correct permissions are added. 

### Description of how you validated changes

Unit test.

### Checklist
- [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
### Issue # (if applicable)

Internal reference: D166315367

### Reason for this change

In FIPS enabled environments, the MD5 algorithm is not available for use in crypto module.
However by default the S3 client is using an MD5 checksum for content integrity checking.
This causes any S3 upload operation to fail with a cryptography error. 

### Description of changes

We are disabling the S3 content checksums, and are re-enabling the regular SigV4 body signing.
SigV4 uses SHA256 for their content checksum. This configuration matches the default behavior
of the AWS SDKv3 and is a safe choice for all users.

### Description of how you validated changes

For non-FIPS users, we have verified functionality via cli-integ-tests.
For FIPS users, we have manually verified `cdk deploy` is now working in a FIPS enabled environment.
We have also verified the configuration with the affected customer.

### Checklist
- [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
### Issue # (if applicable)

None.

### Reason for this change

Improve ergonomics of the `LambdaInvoke` constructor signature. The second argument is not required so we should not force customers to pass in an empty object.

### Description of changes

Make the `LambdaInvoke` `prop` argument default to empty object.

### Description of how you validated changes

Unit test updated to omit the `prop` argument if no props are being passed.

### Checklist
- [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Clean up our core aliases to reflect who is working on aws-cdk. 

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Ran npm-check-updates and yarn upgrade to keep the `yarn.lock` file up-to-date.
### Issue # (if applicable)

None

### Reason for this change

There are some interface VPC endpoints which is not supported by AWS CDK.

### Description of changes

Add three interface VPC endpoints

- WorkMail (com.amazonaws.region.workmail)
- AWS End User Messaging Social (com.amazonaws.region.social-messaging)
- AWS Price List (com.amazonaws.region.pricing.api)

### Description of how you validated changes

Execute AWS CLI:

```sh
❯ aws ec2 describe-vpc-endpoint-services --filters Name=service-type,Values=Interface Name=owner,Values=amazon --region us-east-1 --query ServiceNames | grep workmail
    "com.amazonaws.us-east-1.workmail",

❯ aws ec2 describe-vpc-endpoint-services --filters Name=service-type,Values=Interface Name=owner,Values=amazon --region us-east-1 --query ServiceNames | grep social
    "com.amazonaws.us-east-1.social-messaging",

❯ aws ec2 describe-vpc-endpoint-services --filters Name=service-type,Values=Interface Name=owner,Values=amazon --region us-east-1 --query ServiceNames | grep pricing
    "com.amazonaws.us-east-1.pricing.api",
```

### Checklist
- [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…eation (#31818)

### Issue # (if applicable)

Closes #31329.

### Reason for this change

The timeout setting for the custom resource that executes the query is fixed at 1 minute, causing a timeout when attempting to run heavy operations.
Detail example is describe in [the original issue](#31329 (comment)).

### Description of changes

- Add timeout prop to `DatabaseQueryProps` and `TableProps`

### Description of how you validated changes

Added both unit and integ tests.

### Checklist
- [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
### Reason for this change



Aurora MySQL version 1 for MySQL 5.6 is deprecated now.

https://docs.aws.amazon.com/AmazonRDS/latest/AuroraMySQLReleaseNotes/AuroraMySQL.Updates.11Updates.html

### Description of changes



Deprecated the version and no longer use the version in integ tests.

### Description of how you validated changes



### Checklist
- [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
What should happen is that the output of shell commands gets buffered, and only printed if the test running them fails.

In practice, we see the output being printed directly.

The buffering code is a bit confusing, and we don't exactly understand why it's not working. Try to simplify the code a bit and remove mutable variable manipulation, to address the above.

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
### Issue # (if applicable)

N/A

### Reason for this change

The `InterfaceVpcEndpointAwsService` class was missing the AWS Price List service.

### Description of changes

Added `InterfaceVpcEndpointAwsService.PRICING_API` to the enum, connected to the service `'pricing.api'` in accordance with [documentation](https://docs.aws.amazon.com/vpc/latest/privatelink/aws-services-privatelink-support.html).

### Description of how you validated changes

Verified the extension via the documentation, and confirmed the endpoint exists in the console: 
![image](https://github.com/user-attachments/assets/4a85b146-fd97-4ec7-94a0-0f7d6551e6f1)

### Checklist
- [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Calling this a feat because I believe technically we are updating the functionality of gc. 

Previously we were waiting for stacks in `REVIEW_IN_PROGRESS` to land, because that is the one CFN state that you cannot retrieve a template for (because it doesn't exist yet). However in environments where we are constantly deploying new stacks (like our test environments), we may never get to a state in the allotted time where no stacks are `REVIEW_IN_PROGRESS`.

Instead, we are going to ignore `REVIEW_IN_PROGRESS` stacks. This will introduce a subtle race condition where a previously isolated asset becomes in-use by the `REVIEW_IN_PROGRESS` stack before it turns into a `CREATE_IN_PROGRESS` stack and we can reference its stack. If garbage collection happens to come across the isolated asset while the stack is `REVIEW_IN_PROGRESS` (aka before it is `CREATE_IN_PROGRESS` but after CDK has verified that the assets exist) we will garbage collect the asset. However, we don't expect this to become a big problem in practice.

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Follow up to #31611 which introduced S3 Asset Garbage Collection

## ECR Asset Garbage Collection

`cdk gc` now collects ECR assets.

```bash
cdk gc aws://0123456789012/us-east-1 \
  --unstable='gc' \
  --type='ecr'
```

or 

```bash
cdk gc aws://0123456789012/us-east-1 \
  --unstable='gc' \
  --type='all'
```

all other options are duplicated from s3.


----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…dk/aws-lambda-python-alpha/test/lambda-handler-project/shared (#31890)

Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.26.18 to 1.26.19.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/urllib3/urllib3/releases">urllib3's releases</a>.</em></p>
<blockquote>
<h2>1.26.19</h2>
<h2>🚀 urllib3 is fundraising for HTTP/2 support</h2>
<p><a href="https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support">urllib3 is raising ~$40,000 USD</a> to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support for 2023. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects <a href="https://opencollective.com/urllib3">please consider contributing financially</a> to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.</p>
<p>Thank you for your support.</p>
<h2>Changes</h2>
<ul>
<li>Added the <code>Proxy-Authorization</code> header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via <code>Retry.remove_headers_on_redirect</code>.</li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/urllib3/urllib3/compare/1.26.18...1.26.19">https://github.com/urllib3/urllib3/compare/1.26.18...1.26.19</a></p>
<p>Note that due to an issue with our release automation, no <code> multiple.intoto.jsonl</code> file is available for this release.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/urllib3/urllib3/blob/main/CHANGES.rst">urllib3's changelog</a>.</em></p>
<blockquote>
<h1>1.26.19 (2024-06-17)</h1>
<ul>
<li>Added the <code>Proxy-Authorization</code> header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via <code>Retry.remove_headers_on_redirect</code>.</li>
<li>Fixed handling of OpenSSL 3.2.0 new error message for misconfiguring an HTTP proxy as HTTPS. (<code>[#3405](urllib3/urllib3#3405) &lt;https://github.com/urllib3/urllib3/issues/3405&gt;</code>__)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/urllib3/urllib3/commit/d9d85c88aa644af56d5e129634e750ce76e1a765"><code>d9d85c8</code></a> Release 1.26.19</li>
<li><a href="https://github.com/urllib3/urllib3/commit/8528b63b6fe5cfd7b21942cf988670de68fcd8c0"><code>8528b63</code></a> [1.26] Fix downstream tests (<a href="https://redirect.github.com/urllib3/urllib3/issues/3409">#3409</a>)</li>
<li><a href="https://github.com/urllib3/urllib3/commit/40b6d1605814dd1db0a46e202d6e56f2e4c9a468"><code>40b6d16</code></a> Merge pull request from GHSA-34jh-p97f-mpxf</li>
<li><a href="https://github.com/urllib3/urllib3/commit/29cfd02f66376c61bd20f1725477925106321f68"><code>29cfd02</code></a> Fix handling of OpenSSL 3.2.0 new error message &quot;record layer failure&quot; (<a href="https://redirect.github.com/urllib3/urllib3/issues/3405">#3405</a>)</li>
<li><a href="https://github.com/urllib3/urllib3/commit/b60064388302f54a3455259ddab121618650a154"><code>b600643</code></a> [1.26] Bump RECENT_DATE (<a href="https://redirect.github.com/urllib3/urllib3/issues/3404">#3404</a>)</li>
<li><a href="https://github.com/urllib3/urllib3/commit/7e2d3890926d4788e219f63e2e36fbeb8714827f"><code>7e2d389</code></a> [1.26] Fix running CPython 2.7 tests in CI (<a href="https://redirect.github.com/urllib3/urllib3/issues/3137">#3137</a>)</li>
<li>See full diff in <a href="https://github.com/urllib3/urllib3/compare/1.26.18...1.26.19">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=urllib3&package-manager=pip&previous-version=1.26.18&new-version=1.26.19)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/aws/aws-cdk/network/alerts).

</details>
### Issue # (if applicable)

Closes #31911.

### Reason for this change
`InterfaceVpcEndpointAwsService('pricing.api')` enum duplicated.

https://github.com/aws/aws-cdk/blob/main/packages/aws-cdk-lib/aws-ec2/lib/vpc-endpoint.ts#L518
https://github.com/aws/aws-cdk/blob/main/packages/aws-cdk-lib/aws-ec2/lib/vpc-endpoint.ts#L520



One side should be deleted.

### Description of changes

Delete the enum that was added later.



### Description of how you validated changes
nothing because only enum changed



### Checklist
- [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Updates the L1 CloudFormation resource definitions with the latest changes from `@aws-cdk/aws-service-spec`

**L1 CloudFormation resource definition changes:**
```
├[~] service aws-appsync
│ └ resources
│    └[~] resource AWS::AppSync::GraphQLApi
│      ├ properties
│      │  └ EnvironmentVariables: - json
│      │                          + json ⇐ Map<string, string>
│      ├ attributes
│      │  └ Id: (documentation changed)
│      └ types
│         └[~] type LambdaAuthorizerConfig
│           └ properties
│              └ AuthorizerResultTtlInSeconds: - number
│                                              + integer ⇐ number
├[~] service aws-autoscaling
│ └ resources
│    └[~] resource AWS::AutoScaling::AutoScalingGroup
│      ├ properties
│      │  ├[+] AvailabilityZoneDistribution: AvailabilityZoneDistribution
│      │  └ TrafficSources: (documentation changed)
│      └ types
│         ├[+] type AvailabilityZoneDistribution
│         │ ├  name: AvailabilityZoneDistribution
│         │ └ properties
│         │    └CapacityDistributionStrategy: string
│         └[~] type TrafficSourceIdentifier
│           ├  - documentation: undefined
│           │  + documentation: Identifying information for a traffic source.
│           └ properties
│              ├ Identifier: (documentation changed)
│              └ Type: (documentation changed)
├[~] service aws-backup
│ └ resources
│    └[+] resource AWS::Backup::LogicallyAirGappedBackupVault
│      ├  name: LogicallyAirGappedBackupVault
│      │  cloudFormationType: AWS::Backup::LogicallyAirGappedBackupVault
│      │  documentation: Creates a logical container to where backups may be copied.
│      │  This request includes a name, the Region, the maximum number of retention days, the minimum number of retention days, and optionally can include tags and a creator request ID.
│      │  > Do not include sensitive data, such as passport numbers, in the name of a backup vault.
│      │  tagInformation: {"tagPropertyName":"BackupVaultTags","variant":"map"}
│      ├ properties
│      │  ├AccessPolicy: json | string
│      │  ├BackupVaultName: string (required, immutable)
│      │  ├MinRetentionDays: integer (required, immutable)
│      │  ├MaxRetentionDays: integer (required, immutable)
│      │  ├BackupVaultTags: Map<string, string>
│      │  ├Notifications: NotificationObjectType
│      │  ├VaultState: string
│      │  └VaultType: string
│      ├ attributes
│      │  ├BackupVaultArn: string
│      │  └EncryptionKeyArn: string
│      └ types
│         └type NotificationObjectType
│          ├  name: NotificationObjectType
│          └ properties
│             ├BackupVaultEvents: Array<string> (required)
│             └SNSTopicArn: string (required)
├[~] service aws-bedrock
│ └ resources
│    ├[~] resource AWS::Bedrock::Flow
│    │ └ types
│    │    └[~] type PromptModelInferenceConfiguration
│    │      └ properties
│    │         └ TopK: (documentation changed)
│    ├[~] resource AWS::Bedrock::FlowVersion
│    │ └ types
│    │    └[~] type PromptModelInferenceConfiguration
│    │      └ properties
│    │         └ TopK: (documentation changed)
│    ├[~] resource AWS::Bedrock::Prompt
│    │ └ types
│    │    └[~] type PromptModelInferenceConfiguration
│    │      └ properties
│    │         └ TopK: (documentation changed)
│    └[~] resource AWS::Bedrock::PromptVersion
│      └ types
│         └[~] type PromptModelInferenceConfiguration
│           └ properties
│              └ TopK: (documentation changed)
├[~] service aws-cognito
│ └ resources
│    └[~] resource AWS::Cognito::UserPoolIdentityProvider
│      ├ properties
│      │  ├ AttributeMapping: - json
│      │  │                   + Map<string, string> ⇐ json
│      │  └ ProviderDetails: - json
│      │                     + Map<string, string> ⇐ json (required)
│      └ attributes
│         └ Id: (documentation changed)
├[~] service aws-ec2
│ └ resources
│    ├[~] resource AWS::EC2::CapacityReservation
│    │ └ properties
│    │    └ UnusedReservationBillingOwnerId: (documentation changed)
│    └[~] resource AWS::EC2::EIP
│      └ properties
│         ├[+] Address: string (immutable)
│         └[+] IpamPoolId: string (immutable)
├[~] service aws-eks
│ └ resources
│    └[~] resource AWS::EKS::Cluster
│      ├ properties
│      │  ├ Name: (documentation changed)
│      │  └ ZonalShiftConfig: (documentation changed)
│      └ types
│         └[~] type ZonalShiftConfig
│           ├  - documentation: The current zonal shift configuration to use for the cluster.
│           │  + documentation: The configuration for zonal shift for the cluster.
│           └ properties
│              └ Enabled: (documentation changed)
├[~] service aws-elasticache
│ └ resources
│    ├[~] resource AWS::ElastiCache::CacheCluster
│    │ └ properties
│    │    └ Engine: (documentation changed)
│    ├[~] resource AWS::ElastiCache::GlobalReplicationGroup
│    │ └ properties
│    │    └[+] Engine: string
│    └[~] resource AWS::ElastiCache::ReplicationGroup
│      └ properties
│         └ Engine: (documentation changed)
├[~] service aws-imagebuilder
│ └ resources
│    └[~] resource AWS::ImageBuilder::InfrastructureConfiguration
│      ├ properties
│      │  └[+] Placement: Placement
│      └ types
│         └[+] type Placement
│           ├  documentation: By default, EC2 instances run on shared tenancy hardware. This means that multiple AWS accounts might share the same physical hardware. When you use dedicated hardware, the physical server that hosts your instances is dedicated to your AWS account . Instance placement settings contain the details for the physical hardware where instances that Image Builder launches during image creation will run.
│           │  name: Placement
│           └ properties
│              ├AvailabilityZone: string
│              ├Tenancy: string
│              ├HostId: string
│              └HostResourceGroupArn: string
├[~] service aws-iot
│ └ resources
│    ├[~] resource AWS::IoT::DomainConfiguration
│    │ ├ properties
│    │ │  ├ ApplicationProtocol: (documentation changed)
│    │ │  ├ AuthenticationType: (documentation changed)
│    │ │  └ ClientCertificateConfig: (documentation changed)
│    │ └ types
│    │    └[~] type ClientCertificateConfig
│    │      ├  - documentation: An object that specifies the client certificate configuration for a domain.
│    │      │  > This property isn't available in China.
│    │      │  + documentation: An object that specifies the client certificate configuration for a domain.
│    │      └ properties
│    │         └ ClientCertificateCallbackArn: (documentation changed)
│    └[~] resource AWS::IoT::SoftwarePackageVersion
│      └ properties
│         ├ Attributes: (documentation changed)
│         ├ Description: (documentation changed)
│         ├ PackageName: (documentation changed)
│         ├ Tags: (documentation changed)
│         └ VersionName: (documentation changed)
├[~] service aws-iotwireless
│ └ resources
│    └[~] resource AWS::IoTWireless::WirelessDeviceImportTask
│      └ types
│         └[~] type Sidewalk
│           └ properties
│              └ Role: (documentation changed)
├[~] service aws-memorydb
│ └ resources
│    └[~] resource AWS::MemoryDB::Cluster
│      └ properties
│         └[+] Engine: string
├[~] service aws-qbusiness
│ └ resources
│    ├[~] resource AWS::QBusiness::DataSource
│    │ └ properties
│    │    └ Configuration: (documentation changed)
│    └[~] resource AWS::QBusiness::WebExperience
│      └ properties
│         └ Origins: (documentation changed)
├[~] service aws-redshift
│ └ resources
│    └[~] resource AWS::Redshift::Integration
│      ├  - documentation: Integration from a source AWS service to a Redshift cluster
│      │  + documentation: Describes a zero-ETL integration.
│      └ properties
│         ├ AdditionalEncryptionContext: (documentation changed)
│         ├ KMSKeyId: (documentation changed)
│         ├ SourceArn: (documentation changed)
│         ├ Tags: (documentation changed)
│         └ TargetArn: (documentation changed)
├[~] service aws-refactorspaces
│ └ resources
│    └[~] resource AWS::RefactorSpaces::Environment
│      └ properties
│         ├ Name: - string (required, immutable)
│         │       + string (immutable)
│         └ NetworkFabricType: - string (required, immutable)
│                              + string (immutable)
├[~] service aws-resiliencehub
│ └ resources
│    └[~] resource AWS::ResilienceHub::ResiliencyPolicy
│      └ properties
│         └ PolicyDescription: (documentation changed)
├[~] service aws-route53
│ └ resources
│    └[~] resource AWS::Route53::RecordSet
│      └ types
│         └[~] type AliasTarget
│           └ properties
│              └ EvaluateTargetHealth: - boolean
│                                      + boolean (default=false)
└[~] service aws-sagemaker
  └ resources
     ├[~] resource AWS::SageMaker::Domain
     │ ├ properties
     │ │  └[+] TagPropagation: string
     │ └ types
     │    └[~] type DomainSettings
     │      └ properties
     │         └[+] ExecutionRoleIdentityConfig: string
     └[~] resource AWS::SageMaker::Endpoint
       └ attributes
          └[+] EndpointArn: string
```
rix0rrr and others added 12 commits October 30, 2024 16:55
Currently, the generated C# code doesn't compile with this error:

```
error CS0115: 'VpcV2Base._Proxy.Ipv4IpamProvisionedCidrs': no suitable method found to override
```

The reason is that the abstract base class that implements an interface doesn't have an abstract field for that interface. 

Then when a subclass does implement it, it gets rendered to an `override` in C#, but there is no method to override.


----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
CDK assets in the bootstrap bucket are content-addressed and immutable so we never naturally create noncurrent versions.
However, with the introduction of the `cdk gc` command, we now have the capacity to delete unused objects in the bucket. Because the bucket is versioned by default, the delete command [actually](https://docs.aws.amazon.com/AmazonS3/latest/userguide/DeletingObjectVersions.html) just replaces the object with a new dummy version (thus the deleted object becomes noncurrent). 

Now that noncurrent objects _can_ happen, if one utilizes `cdk gc`, we are updating the bootstrap template to retain them for 30 days rather than 365 days.

Update to bootstrap version 24 to use this new lifecycle policy in conjunction with `cdk gc`. 

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
### Issue # (if applicable)

Closes #22850.

### Reason for this change
To support VPC Ingress Connection  for making App Runner Service private and only accessible from within a VPC.



### Description of changes
* Add `isPubliclyAccessible` property to the `Service` class
* Add `VpcIngressConnection` class



### Description of how you validated changes
Add unit tests and integ tests


### Checklist
- [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Add SageMaker pipeline as a Pipes target.
…31951)

because somehow I wrote `continue` instead of `break` in that instance... added a test to make sure.

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…eveloper preview (#31952)

### Description of changes

Set maturity for `aws-kinesisfirehose-alpha` and `aws-kinesisfirehose-destinations-alpha` module to `developer-preview`. 

Note: These two modules will be combined when officially stabilized into the `aws-cdk-lib/aws-kinesisfirehose` module which will be RENAMED to `aws-firehose`. 

### Checklist
- [s] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…ipt init templates (#31953)

This reverts #31927

There are some TypeScript init tests failed. Revert the change for now so that it doesn't block the release.

Will investigate why those test failed.

### Issue # (if applicable)

Closes #<issue number here>.

### Reason for this change



### Description of changes



### Description of how you validated changes



### Checklist
- [ ] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…1960)

In our integ tests, we were testing TypeScript versions from 3.9 up to the latest version, which recently broke because of a change to modernize the init templates.

We should up this range to a recent version; the common support lifetime of a TypeScript version is the one on `DefinitelyTyped`, the types registry for TypeScript packages. They only target TS versions less than 2 years old, which at the time of this PR is 4.9 and higher.

Encode that policy into code automatically, so that we don't have to manually keep this minimum version up-to-date. This currently ages out the following versions:

```
  ✕ typescript 3.9 init app
  ✕ typescript 4.0 init app
  ✕ typescript 4.1 init app
  ✕ typescript 4.2 init app
  ✕ typescript 4.3 init app
  ✕ typescript 4.4 init app
  ✕ typescript 4.5 init app
  ✕ typescript 4.6 init app
  ✕ typescript 4.7 init app
  ✕ typescript 4.8 init app
------------------------------8< cut line -----
  ✕ typescript 4.9 init app
  ✓ typescript 5.0 init app
  ✓ typescript 5.1 init app
  ✓ typescript 5.2 init app
  ✓ typescript 5.3 init app
  ✓ typescript 5.4 init app
  ✓ typescript 5.5 init app
  ✓ typescript 5.6 init app
```

Unfortunately not enough to save the TypeScript template modernization change entirely... but at least it's an improvement.

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…7 days (#31956)

Closes #29045 

### Reason for this change

AWS Trusted Advisor rolled out the S3 Incomplete Multipart Upload Abort Configuration check to help users manage costs associated with Amazon S3 storage

### Description of changes

Added a new lifecycle rule to the bucket and incremented the bootstrap version to 24.

### Description of how you validated changes

N/a

### Checklist
- [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
### Issue # (if applicable)

Closes #21026.

### Reason for this change
To support UserPool Group L2 Construct.


### Description of changes
Add `UserPoolGroup` class.



### Description of how you validated changes
Add unit tests and integ tests.


### Checklist
- [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
### Issue # (if applicable)

Closes #29384

### Reason for this change
To support Amazon API Gateway enrichment for EventBridge pipes.



### Description of changes
Add `ApiGatewayEnrichment` construct.



### Description of how you validated changes
Add unit tests and integ test.



### Checklist
- [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
@aws-cdk-automation aws-cdk-automation added auto-approve pr/no-squash This PR should be merged instead of squash-merging it labels Oct 31, 2024
@aws-cdk-automation aws-cdk-automation requested a review from a team October 31, 2024 17:23
@github-actions github-actions bot added the p2 label Oct 31, 2024
@moelasmar moelasmar added the pr/do-not-merge This PR should not be merged at this time. label Oct 31, 2024
@moelasmar moelasmar removed the pr/do-not-merge This PR should not be merged at this time. label Oct 31, 2024
@aws-cdk-automation
Copy link
Collaborator Author

AWS CodeBuild CI Report

  • CodeBuild project: AutoBuildv2Project1C6BFA3F-wQm2hXv2jqQv
  • Commit ID: b3600f0
  • Result: SUCCEEDED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

Copy link
Contributor

mergify bot commented Oct 31, 2024

Thank you for contributing! Your pull request will be automatically updated and merged without squashing (do not update manually, and be sure to allow changes to be pushed to your fork).

@mergify mergify bot merged commit 00f70f1 into v2-release Oct 31, 2024
11 of 12 checks passed
@mergify mergify bot deleted the bump/2.165.0 branch October 31, 2024 18:12
Copy link

Comments on closed issues and PRs are hard for our team to see.
If you need help, please open a new issue that references this one.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Oct 31, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
auto-approve p2 pr/no-squash This PR should be merged instead of squash-merging it
Projects
None yet
Development

Successfully merging this pull request may close these issues.