v1.64.0

Known Issues

• eks: ❗ Upgrading an existing cluster with service accounts will cause them to be deleted. If you are using service accounts and upgrading to this version from 1.61.1 or below, please apply the workaround suggested here before deploying.
• eks: ❗ FargateCluster and KubernetesPatch breaks deployment. See #10537.

⚠ BREAKING CHANGES TO EXPERIMENTAL FEATURES

• codedeploy: the default policy for LambdaDeploymentGroup no longer contains sns:Publish on * permissions

• cfn-include: the construction property 'nestedStacks' of class 'CfnInclude' has been renamed to 'loadNestedStacks'

• rds: removed protected member subnetGroup from DatabaseCluster classes

• rds: Cluster now has deletionProtection enabled if its removal policy is RETAIN

• rds: Instance now has deletionProtection enabled by default only if its removal policy is RETAIN

• eks: Clusters previously running k8s version other than 1.15 and bottlerocket AMI(aws-k8s-1.15 variant) will trigger AMI and node replacement.

Features

• cfn-include: add 'loadNestedStack()' method (#10292) (9d6817f)
• cfn-include: the package cloudformation-include is now 'Developer Preview' (#10436) (d45a57c)
• cfnspec: cloudformation spec v18.3.0 (#10385) (dbdc7ff)
• cli: skip bundling for operations where stack is not needed (#9889) (28cee39), closes #9540
• codedeploy: change LambdaDeploymentGroup default managed policy to AWSCodeDeployRoleForLambdaLimited (#10276) (13e7bde)
• cognito: user pool client logout urls (#10301) (5111837)
• custom-resource: allow referencing resource id in updates/deletes (#10327) (a726dad), closes #10305
• ec2: generic ssm backed machine image (#10369) (1dbad6e)
• ec2: user-defined subnet selectors (#10112) (491113d)
• eks: bottlerocket versoin follows the cluster k8s versoin (#10189) (19638a6), closes #10188
• events-targets: supports to specify fargate platform version (#10223) (3dcd01e), closes #10186
• lambda-nodejs: custom bundling image (#10270) (a2174a4), closes #10194
• pipelines: support VPC property in ShellScriptAction (#10240) (08a3c55), closes #9982
• rds: add SQL Server version 15.00.4043.16.v1 (#10289) (a578ef8), closes #10273
• rds: S3 import and export for DatabaseInstances (#10370) (80a2ac9), closes #4419
• rds: support existing cluster subnet groups (#10391) (a1df511), closes #9991
• redshift: support existing cluster subnet groups (#10340) (5ad8cdb), closes #9241
• secretsmanager: import secrets by name (#10309) (a8e8ed3), closes #7444 #7949 #7994
• add support for the 'Version' resource attribute (#10376) (aac235a)
• stepfunctions: added new condition operators (#9920) (b8490f2)
• stepfunctions: support X-Ray tracing (#10371) (#10374) (ad011c0)
• stepfunctions-tasks: handle Lambda service exceptions (#10386) (edf75b6)

Bug Fixes

• bootstrap: no longer creates KMS master key by default (#10365) (bedd4c0), closes #10115
• bootstrapping: --cloudformation-execution-policies not checked (#10337) (ad9a705)
• cfn-include: allow referring to Conditions in Outputs and Rules (#10373) (4751f42)
• cfn-include: correctly handle the 'AWS::CloudFormation::CustomResource' resource type (#10415) (1a5a024)
• cli: --profile is ignored if AWS_ variables are set (#10362) (957a12e)
• cli: cdk synth fails if AWS_ credentials have expired (#10343) (406f665), closes #7849
• cli: stack outputs aren't sorted (#10328) (9f430fc)
• cloudwatch: LTE operator renders wrong symbol (#10418) (2543584), closes #8913
• codebuild: Project.addFileSystemLocation does not work without providing locations at construction (#10460) (994d3c3), closes #10442
• core: CfnParameter of Number type cannot be used as a string (#10422) (28adc88), closes #10228
• diff: deepEqual may miss difference other than DependsOn (#10394) (9bcaf75), closes #10322
• diff: allow strings to be passed for boolean properties (#10378) (673dd82)
• diff: handle YAML short-forms like '!GetAtt' in diff (#10381) (457e109), closes #6537
• dynamodb: cannot change serverSideEncryption from true to false (#8450) (7a266b5), clos...

v1.63.0

Known Issues

• eks: ❗ Upgrading an existing cluster with service accounts will cause them to be deleted. If you are using service accounts and upgrading to this version from 1.61.1 or below, please apply the workaround suggested here before deploying.
• eks: ❗ FargateCluster and KubernetesPatch breaks deployment. See #10537.

⚠ BREAKING CHANGES TO EXPERIMENTAL FEATURES

• appsync: force apiKeyConfig require a Expiration class instead of string

• appsync: Parameter apiKeyConfig takes Expiration class instead of string

• core: custom implementations of IStackSynthesizer
  must now implement synthesize() instead of
  synthesizeStackArtifacts().
• aws-batch: Changed type of ComputeResources.computeResourcesTags from Tag to map

Features

• appsync: add authorization config to the HttpDataSource (#10171) (b2cc277), closes #9971 #9934
• appsync: add support for subscriptions for code-first schema generation (#10078) (65db131), closes #9345
• appsync: implement directives for code-first approach (#9973) (088cd48), closes #9879
• appsync: support enumeration types for code-first approach (#10023) (30a5b80), closes #10023
• appsync: support union types for code-first approach (#10025) (28a9834)
• cfn-include: add support for Hooks (#10143) (4de68c0), closes #9713
• cfn-include: allow renaming the template elements logical IDs (#10169) (cf746a0), closes #9714
• chatbot: log retention support and metrics utility methods (#10137) (0f0d1e7), closes #10135
• cli: support credential_source in aws shared config file (#10272) (940a443)
• codebuild: add git submodule options of codebuild (#10283) (698e5ef), closes #10271
• eks: arm64 support (#9875) (ffb84c6), closes #9915
• eks: bump aws-node-termination-handler to 0.9.5 (#10278) (8cfc190), closes aws/aws-cdk#10277
• eks: managed nodegroup with custom AMI and launch template support (#9881) (5c294fb), closes #9873
• elasticloadbalancingv2: more health check validations to NLB target group (#3703) (#10205) (e3f3332)
• elasticloadbalancingv2: multiple security groups for ALBs (#10244) (1ebf362), closes #5138
• lambda-nodejs: improved project root detection (#10182) (cce83dc), closes #10174
• pipelines: adding IAM permissions to ShellScriptAction (#10149) (ec15485), closes #9600
• rds: database clusters from snapshots (#10130) (915eb4b), closes #4379
• rds: deprecate OracleSE and OracleSE1 engine versions (#10241) (562f891), closes #9249
• rds: metrics for clusters (#10162) (49f6034), closes #5212
• route53-patterns: support IPv6 in HttpsRedirect (#10203) (a1f6e1b)
• secrets-manager: exclude characters for password rotation applications (#10110) (1260d52), closes #4144

Bug Fixes

• appsync: strongly type expires prop in apiKeyConfig (#9122) (287f808), closes #8698
• aws-batch: computeResources tags are not configured properly (#10209) (40222ef), closes #7350
• cfn-include: correctly parse YAML strings in short-form GetAtt (#10197) (a388d70), closes #10177
• cfn-include: correctly substitute falsy parameter values (#10195) (8791f88), closes #10107
• cli: metadata not recorded for templates >50k (#10184) (dfd2baf)
• cli: simplify lib template (#10175) (fc3ec9b)
• cli: unable to set termination protection for pipeline stacks (#9938) (a00a4ee)
• cloudfront: comment for origin access identity is too long (#10266) (495aeb9), closes #10211
• codepipeline: cross-region support stack requires bootstrapping (#10217) (b5ff4d6), closes #10215
• core: DefaultSynthesizer breaks this.node.setContext() on Stack (#10246) (61865aa)
• core: Stacks render CloudFormation elements in nested Stages (#10156) (5f36f6b), closes #9792 #9669
• custom-resources: deleting custom resource fails when using two or more (#10012) (8d23f24)
• ec2: cfn-init user data hash not updated if file asset changes (#10216) (0d7ca63), closes [#10206](https://github.com/...

v1.62.0

Known Issues

• eks: ❗ Upgrading an existing cluster with service accounts will cause them to be deleted. If you are using service accounts and upgrading to this version from 1.61.1 or below, please apply the workaround suggested here before deploying.
• eks: ❗ FargateCluster and KubernetesPatch breaks deployment. See #10537.

⚠ BREAKING CHANGES TO EXPERIMENTAL FEATURES

• eks: when importing EKS clusters using eks.Cluster.fromClusterAttributes, the clusterArn attribute is not supported anymore, and will always be derived from clusterName.
• eks: Only a single eks.Cluster is allowed per CloudFormation stack.
• eks: The securityGroups attribute of ClusterAttributes is now securityGroupIds.
• cli: --qualifier must be alphanumeric and not longer than 10 characters when bootstrapping using newStyleStackSynthesis.

Features

• appsync: support Input Types for code-first approach (#10024) (3f80ae6)
• appsync: support query & mutation generation for code-first approach (#9992) (1ed119e), closes #9308 #9310
• aws-chatbot: Support L2 construct for SlackChannelConfiguration of chatbot. (#9702) (05f5e62), closes #9679
• bootstrap: customizable bootstrap template (#9886) (2596ef7), closes #9256 #8724 #3684 #1528 #9681
• cli: control progress output style with --progress=bar|events (#9623) (56de5e1), closes #8696
• cloudfront: import existing CloudFrontWebDistributions (#10007) (ff33b54), closes #5607
• cloudfront: support includeBody for Lambda@Edge (#10008) (9ffb268), closes #7085
• ecs: bottlerocket support (#10097) (088abec), closes #10085
• eks: kubectl layer customization (#10090) (0aa7ada), closes #7992
• eks: support adding k8s resources to imported clusters (#9802) (4439481), closes #5383
• logs: specify log group's region for LogRetention (#9804) (0ccbc5d)
• pipelines: SimpleSynthAction takes array of build commands (#10152) (44fcb4e), closes #9357
• pipelines: add control over underlying CodePipeline (#10148) (41531b5), closes #9021
• rds: add support for joining instance to domain (#9943) (f2d77d1), closes #9869
• rds: custom security groups for OptionGroups (ea1072d), closes #9240
• rds: custom security groups for OptionGroups (#10011) (5738dc1), closes #9240
• rds: performance insights for DatabaseCluster instances (#10092) (9c1b0c1), closes #7957
• rds: rename DatabaseInstanceNewProps.vpcPlacement to vpcSubnets (#10093) (ec423ef), closes #9776
• elasticloadbalancingv2: convenience method for ALB redirects (#9913) (5bed08a)

Bug Fixes

• apigateway: burst and rate limits are set to unlimited when configured to 0 (#10088) (96f1772), closes #10071
• appsync: GraphQLApi.UserPoolConfig requires DefaultAction (#10031) (6114045), closes #10028
• aws-elasticloadbalancingv2: fix load balancer deletion protection to properly update when set to false (#9986) (a65dd19)
• aws-sns: enable topic encryption with cross account keys (#10056) (327b72a), closes #10055
• aws-stepfunctions-tasks: missing permission to get build status (#10081) (cbdd084), closes #8043
• aws-stepfunctions-tasks: SageMaker create training job has incorrect property name for AttributeNames (#10026) (ba51ea3), closes #10014
• cfn-include: allow Conditions to reference Mappings in their definitions (#10105) (aa2068f), closes #10099
• cfn-include: allow parameters to be replaced across nested stacks (#9842) (9ea8d5c), closes #9838
• cli: AssumeRole profiles require a [default] profile (#10032) (95c0332), closes #9937
• cli: bootstrapping qualifier length not validated (#10121) (e069263), closes #9255
• cli: Linux browser not supported for cdk docs (#9549) (663913f), closes #2847
• cli: re-bootstrapping loses previous configuration (#10120) (4e5829a), closes #10091
• cli: unable to upgrade new style bootstrap to version (#10030) (c5bb55c), closes #10016
• cloudfront: Distribution does not add edgelambda trust policy (#10006) (9098e29), closes #9998
• **custom...

v1.61.1

Bug Fixes

• cli: unable to upgrade new style bootstrap to version (#10030) (8d3e422), closes #10016

v1.61.0

Features

• appsync: implement resolvable fields for code-first schema (#9660) (9e3b798)
• appsync: separating schema from graphql api (#9903) (8d71fa1)
• cli: automatically determine region on EC2 instances (#9313) (1cf986d)
• core: facility to warn when deprecated APIs are used (#9585) (b1d0ac0)
• custom-resources: function name for AwsCustomResource (#9774) (6da6581), closes #9771
• eks: envelope encryption for secrets (#9438) (65fd3e6), closes #9140
• rds: deletion protection for RDS cluster (#9871) (ef98b9f), closes #6944
• rds: grantConnect for database instances (#9887) (e893828), closes #1558
• region-info: add information for af-south-1 and eu-south-1 regions (#9569) (9d76c26)
• s3: imported buckets can have an explicit region (#9936) (f0c76ac), closes #8280 #9556
• stepfunctions-tasks: add support for CodeBuild StartBuild API (#9757) (dae54ec), closes #8043

Bug Fixes

• appsync: add dependency between apikey and schema (#9737) (4448794), closes #8168 #9736 #8168
• bootstrap: add alias for the asset key (#9872) (952e686), closes #6719
• cfn-include: allow numbers to be passed to string properties (#9849) (4c8c6f1), closes #9784
• cfn-include: short form for Condition (#9865) (371e8da), closes #9785
• core: Access Denied using legacy synthesizer with new bootstrap (#9831) (960ef12)
• core: Duration incorrectly renders Days (#9935) (0ca09a7), closes #9906
• elasticloadbalancingv2: imported listener ignores conditions attribute (#9939) (1c9b733), closes #8385 #9262 #9320 #9643
• lambda: cannot use latest version in multiple cloudfront distributions (#9966) (71c60f2), closes #4459
• lambda: grantInvoke fails on second invocation (#9960) (0fc5899), closes #8553
• lambda-nodejs: incorrect working directory for local bundling (#9870) (a4185a0), closes #9632

v1.60.0

⚠ BREAKING CHANGES

• cloudfront: Distribution: .domains must be specified if certificate is provided.
• appsync: appsync.addXxxDataSource name and description props are now optional and in an DataSourceOptions interface.

• appsync: the props name and description in addXxxDataSource have been moved into new props options of type DataSourceOptions
• appsync: DataSourceOptions.name defaults to id
• appsync: DataSourceOptions.description defaults to undefined

Features

• amplify: automatic branch deletion (#9663) (4ee37a4), closes #9650
• appsync: code-first schema allows for object type definition (#9417) (6f1782f), closes #9307
• appsync: import existing graphql api (#9254) (5732b8e), closes #6959
• aws-cloudwatch: log query widget visualisation types (#9694) (8debcf8), closes #9675
• cli: MFA support (#6510) (611c48d), closes #1248
• make imported resources account/region-aware (#8280) (d6278b3), closes #2807 #5740 #7012
• cfn-include: add support for retrieving Mapping objects from the template (#9777) (a038304), closes #9711
• cfn-include: add support for retrieving Rule objects from the template (#9783) (e4720bf), closes #9712
• cloudfront: Distribution - alternate domains (#9699) (97e44a7)
• codebuild: support images with WINDOWS_SERVER_2019_CONTAINER environment type (#9526) (d3813e7), closes #9484
• custom-resources: optional latest SDK installation for AwsCustomResource (#9515) (effdd3c), closes #9289 #9322
• ec2: CloudFormation init for files, packages, sources, users, & groups (#9664) (d6c44e8), closes #9065 #8788 #8788
• ecs: add EfsVolumeConfiguration to Volume (#8467) (85ff9fd)
• ecs: add support for automatic HTTPS redirect (#9341) (84a3ef6), closes #8488
• pipelines: add PolicyStatements to CodeBuild project role (#9527) (c570d9c), closes aws/aws-cdk#9163
• rds: CloudWatch logs exports for DB clusters (#9772) (118e5c6), closes #7810
• rds: Validate log types for clusters (#9797) (85fdeb5), closes #9772 #9772 #9772

Bug Fixes

• apigateway: access log format does not allow tokens (#9769) (a7c5c75), closes #9687
• build: Prereq check - support paths with spaces. (9ca1d02), closes #9749
• cfn-include: handle numbers expressed as strings in templates (#9525) (e9a4102), closes #9524
• cli: "fancy" progress reporting not disabled on all CI systems (#9516) (97ef371), closes #8696 #8893
• cli: CLI does not use regional endpoints (#9835) (34450b0), closes #9223
• cli: stack monitor reads complete stack history every 5 seconds (#9795) (cace51a), closes #9470
• cli: SynthUtils is not used (#9836) (9f1007e)
• cloudformation-diff: DependsOn singleton arrays aren't equal to string values (#9814) (49cdb47)
• cloudfront: all origin access identities have identical names (#9829) (ca79188), closes #9580
• cloudfront: Distribution ignores webAclId (#9828) (366c781), closes #9635 #9824
• cloudfront: Update Suported Security Protocol enum and set TLS_V1_2_2019 as a default version (#9738) (f6c25ad), closes #9212
• codebuild: fails on using PR Events together with FILE_PATH filters in a FilterGroup (#9725) (fdaf6bc), closes #8867
• codepipeline: Service Catalog action generated incorrect file path (#9773) (286ff50), closes #9767
• eks: AMI changes in managed SSM store param causes rolling update of ASG (#9746) (44f7753), closes #7273
• elbv2: NLB Target Group does not inherit protocol (#9331) (#9651) (171ab59)
• lambda: compute platform missing for autocreated profiling group (#9716) (a8f4c9f)
• lambda-nodejs: cannot bundle when entry file is named index.ts (#9724) (bb90fbe), closes #9709
• lambda-nodejs: NodejsFunction construct incompatible with lambda@edge (#9562) ([dfe2c5c](dfe2c5c665a5662972098...

v1.59.0

⚠ BREAKING CHANGES

• eks: cluster.addResource was renamed to cluster.addManifest and KubernetesResource was renamed to KubernetesManifest
• cloudfront: (cloudfront) Changed IDs for Distributions (will cause resource replacement).

Features

• cfn-include: allow passing Parameters to the included template (#9543) (cb6de0a)
• cfnspec: cloudformation spec v16.3.0 (#9452) (fb5068d)
• cloudfront: Distribution support for logging, geo restrictions, http version and IPv6 (#9635) (4c62702)
• codebuild: add support for GPU build images (#8879) (b1b4cee), closes #8408
• codeguruprofiler: add support for ComputePlatform in ProfilingGroup (#9391) (5a64bc5)
• ec2: CloudFormation-init support (#9065) (014c13a), closes #8788 #9063 #9063
• eks: ability to query runtime information from the cluster (#9535) (4bc8188), closes #8394
• synthetics: Synthetics L2 Support (#8824) (691b349), closes #7687

Bug Fixes

• cloudfront: ensures origin groups are added with their own ID as a target (#9593) (246842f), closes #9561 #9561
• cloudfront: Escape hatch support for Distribution (#9648) (cc229c2), closes #9620
• codepipeline: S3 source Action with trigger=Events fails for bucketKey a Token (#9575) (43214b4), closes #9554
• ec2: can't use imported Subnets in a SubnetSelection (#9579) (1c4eae8)

v1.58.0

Features

• cloudwatch: alarm status widget (#9456) (41940d3)
• cognito: better control sms role creation (#9513) (a772fe8), closes #6943
• core: local bundling provider (#9564) (3da0aa9)
• core: new annotations api (#9563) (ae9ed62), closes /github.com/aws/aws-cdk-rfcs/blob/master/text/0192-remove-constructs-compat.md#09
• core: new APIs for Aspects and Tags (#9558) (a311428), closes /github.com/aws/aws-cdk-rfcs/blob/master/text/0192-remove-constructs-compat.md#02
• ecs: Option to encrypt lifecycle hook SNS Topic (#9343) (38aad67)
• events: use existing Role when running ECS Task (#8145) (aad951a), closes #7859
• global-accelerator: referencing Global Accelerator security group (#9358) (1fe9684)
• iam: validate policies for missing resources/principals (#9269) (60d01b1), closes #7615
• lambda: autoscaling for lambda aliases (#8883) (d9d9b90)
• readme: include partitions.io cdk board in "getting help" (#9541) (f098014)
• "stack relative exports" flag (#9604) (398f872)
• secretsmanager: Specify secret value at creation (#9594) (07fedff), closes #5810

Bug Fixes

• cfn-include: allowedValues aren't included when specified by a parameter (#9532) (e7dc82f)
• codedeploy: ServerDeploymentGroup takes AutoScalingGroup instead of IAutoScalingGroup (#9252) (9ff55ae), closes #9175
• docdb: autoMinorVersionUpgrade property was not set to true by default as stated in the docstring (#9505) (e878f9c)
• ec2: Volume grants have an overly complicated API (#9115) (74e8391), closes #9114
• efs: LifecyclePolicy of AFTER_7_DAYS is not applied (#9475) (f78c346), closes #9474
• eks: clusters in a FAILED state are not detected (#9553) (d651948)
• eks: private endpoint access doesn't work with Vpc.fromLookup (#9544) (dd0f4cb), closes #9542 #5383
• lambda: cannot create lambda in public subnets (#9468) (b46fdc9)
• pipelines: CodeBuild images have (too) old Node version (#9446) (bd45f34), closes #9070
• pipelines: manual approval of changeset uses wrong ordering (#9508) (5c01da8), closes #9101 #9101

v1.57.0

⚠ BREAKING CHANGES

• apigatewayv2: The parameter for the method bind() on
  IHttpRouteIntegration has changed to accept one of type
  HttpRouteIntegrationBindOptions. The previous parameter
  IHttpRoute is now a property inside the new parameter under
  the key route.
• eks: The experimental eks.Cluster construct no longer supports setting kubectlEnabled: false. A temporary drop-in alternative is eks.LegacyCluster, but we have plans to completely remove support for it in an upcoming release since eks.Cluster has matured and should provide all the needed capabilities. Please comment on #9332 if there are use cases that are not supported by eks.Cluster.
• eks: endpoint access is configured to private and public by default instead of just public
• lambda.Version and apigateway.Deployment resources with auto-generated IDs will be replaced as we fixed a bug which ignored resource dependencies when generating these logical IDs.
• core: in unit tests, the node.path of constructs within stacks created the root of the tree via new Stack() will now have a prefix Default/ which represents an implicit App root.

Related: aws/aws-cdk-rfcs#192

• cloudfront: the property OriginBase.originId has been removed

Features

• apigateway: additionalProperties in RestApi Model supports JsonSchema type (#8848) (5e087e5), closes #8069
• apigateway: configure endpoint types on SpecRestApi (#9068) (7673e48), closes #9060
• apigateway: import API keys (#9155) (e3f6ae3), closes #8367
• appsync: add x-ray parameter to AppSync (#9389) (51921ad)
• cloudfront: add support for Origin Groups (#9360) (11e146c), closes #9109
• cloudfront: Behaviors support cached methods, compression, viewer protocol, and smooth streaming (#9411) (2451fa9), closes #7086 #9107
• core: implicit app for root stacks (#9342) (1d85a9f)
• core: warn if an aspect was added via another aspect (#8639) (9d7bef7)
• eks: default masters role (#9464) (b80c271), closes #9463
• eks: deprecate "kubectlEnabled: false" (#9454) (2791017), closes #9332
• eks: endpoint access customization (#9095) (692864c), closes #5220 /github.com/aws/aws-cdk/pull/9095#issuecomment-665621701
• s3: Introduce S3 Inventory (#9102) (b0f359e)

Bug Fixes

• apigatewayv2: cyclic dependency between HttpApi and the lambda function (#9100) (7b29774), closes #9075

• athena: WorkGroup tags corruption (#9085) (b688913), closes #6936

• aws-lambda-python: use cp instead of rsync (#9355) (056bcaf), closes #9349

• cfn-include: fails to load SAM resources (#9442) (1de9dc8)

• cfn-include: no longer concatenate elements of Fn::Join without tokens (#9476) (d038b61)

• core: can't have multiple CfnRules in a Stack (#9500) (76a7bfd), closes #8251 #9485

• core: docs for CfnMapping are not clear (#9451) (c1e3c57), closes #9432

• dynamodb: allow using PhysicalName.GENERATE_IF_NEEDED as the Table name (#9377) (8ab7b10), closes #9374

• ecs: Scope-down IAM permissions for ECS drain (#9502) (9fbeec3)

• ecs: Scope-down IAM permissions on Cluster ASG (#9493) (1670289)

• ecs-patterns: Adds missing option to secure ingress of ALB in Ap… (#9434) (ba1427f)

• lambda: bundling docker image does not exist for Go runtime (#9465) (7666d9b), closes #9435

• cloudfront: remove the originId property from OriginBase (#9380) (70b9f63)

• do not use "synthesize" and "prepare" in the cdk (#9410) (e3ae645), closes /github.com/aws/aws-cdk/pull/9410#issuecomment-668552361

v1.56.0

⚠ BREAKING CHANGES

• appsync: appsync prop schemaDefinition no longer takes string, instead it is required to configure schema definition mode.

• appsync: schemaDefinition takes param SchemaDefinition.XXX to declare how schema will be configured
  • SchemaDefinition.CODE allows schema definition through CDK
  • SchemaDefinition.FILE allows schema definition through schema.graphql file

• cloudfront: Removed origin classes from the aws-cloudfront module.
• aws-cloudfront: Removed S3Origin and HttpOrigin from the aws-cloudfront module. Use the S3Origin and HttpOrigin classes in the aws-cloudfront-origins module instead.
• aws-cloudfront: Renamed Origin to OriginBase.
• cloudfront: the property Origin.domainName has been removed

Features

• cfn-include: add support for the Fn::Sub function (#9275) (2a48495)
• core: make the CfnParameter class mutable (#9365) (860966a), closes #9364

Bug Fixes

• certificatemanager: DNS validation for wildcard certificates (#9291) (419278b), closes #9248

• pipelines: reduce assets IAM policy size (#9333) (88d563f), closes #9316

• appsync: strongly type schema definition mode (#9283) (b46aa99), closes #9301

• cloudfront: README updates and notes of breaking changes (#9356) (fbb0418), closes #9326

• cloudfront: small refactoring of the Origin API (#9281) (cbfdc15), closes #9109