[pull] master from aws:master #457

pull · 2022-02-11T18:48:50Z

See Commits and Changes for more details.

Can you help keep this open source service alive? 💖 Please sponsor : )

Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 2 to 3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/download-artifact/releases">actions/download-artifact's releases</a>.</em></p> <blockquote> <h2>v3.0.0</h2> <h2>What's Changed</h2> <ul> <li>Update default runtime to node16 (<a href="https://github-redirect.dependabot.com/actions/download-artifact/pull/134">actions/download-artifact#134</a>)</li> <li>Update package-lock.json file version to 2 (<a href="https://github-redirect.dependabot.com/actions/download-artifact/pull/136">actions/download-artifact#136</a>)</li> </ul> <h3>Breaking Changes</h3> <p>With the update to Node 16, all scripts will now be run with Node 16 rather than Node 12.</p> <h2>v2.1.0 Download Artifact</h2> <ul> <li>Improved output & logging</li> <li>Fixed issue where downloading all artifacts could cause display percentages to be over 100%</li> <li>Various small bug fixes & improvements</li> </ul> <h2>v2.0.10</h2> <ul> <li>Retry on HTTP 500 responses from the service</li> </ul> <h2>v2.0.9</h2> <ul> <li>Fixes to proxy related issues</li> </ul> <h2>v2.0.8</h2> <ul> <li>Improvements to retryability if an error is encountered during artifact download</li> </ul> <h2>v2.0.7 download-artifact</h2> <ul> <li>Improved download retry-ability if a partial download is encountered</li> </ul> <h2>v2.0.6</h2> <p>Update actions/core NPM package that is used internally</p> <h2>v2.0.5</h2> <ul> <li>Add Third Party License Information</li> </ul> <h2>v2.0.4</h2> <ul> <li>Use the latest version of the <code>@actions/artifact</code> NPM package</li> </ul> <h2>v2.0.3</h2> <ul> <li>Misc improvements</li> </ul> <h2>v2.0.2</h2> <ul> <li>Support for tilde expansion</li> </ul> <h2>v2.0.1</h2> <ul> <li>Download path output</li> <li>Improved logging</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/download-artifact/commit/fb598a63ae348fa914e94cd0ff38f362e927b741"><code>fb598a6</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/actions/download-artifact/issues/136">#136</a> from actions/jtamsut/update-lockfile-version</li> <li><a href="https://github.com/actions/download-artifact/commit/a4a09c5d7eb5932e0e6c4e77a434738189a24f1b"><code>a4a09c5</code></a> regenerate index.js</li> <li><a href="https://github.com/actions/download-artifact/commit/9acf51df7946118a04918663acc5d955f49de177"><code>9acf51d</code></a> regenerate package lock</li> <li><a href="https://github.com/actions/download-artifact/commit/882107232564f8bc8c5083706e009246f11aa871"><code>8821072</code></a> upgrade artifact version</li> <li><a href="https://github.com/actions/download-artifact/commit/b8bbd3b64f298f12cfabf7d85ee4e716714eae3b"><code>b8bbd3b</code></a> regenerate lockfile</li> <li><a href="https://github.com/actions/download-artifact/commit/6ee3d963e5a7ed7dac02925e126c37e459c36aa6"><code>6ee3d96</code></a> revert artifact version</li> <li><a href="https://github.com/actions/download-artifact/commit/d4793f4e27ec52069836c96d310f815ffa48176c"><code>d4793f4</code></a> update docs for v3</li> <li><a href="https://github.com/actions/download-artifact/commit/2d338d2145c33c497f1f4f574ca1eb88e1061a8e"><code>2d338d2</code></a> upgrade package to v3</li> <li><a href="https://github.com/actions/download-artifact/commit/360d0830b5796c983178d8073e39063e8d32bc46"><code>360d083</code></a> update dependency on artifact lib</li> <li><a href="https://github.com/actions/download-artifact/commit/d9b73cccacd09ac21cc34b82578e6cbb1b4e2539"><code>d9b73cc</code></a> update lock file</li> <li>Additional commits viewable in <a href="https://github.com/actions/download-artifact/compare/v2...v3">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/download-artifact&package-manager=github_actions&previous-version=2&new-version=3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>

Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 2 to 3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's releases</a>.</em></p> <blockquote> <h2>v3.0.0</h2> <h2>What's Changed</h2> <ul> <li>Update default runtime to node16 (<a href="https://github-redirect.dependabot.com/actions/upload-artifact/issues/293">#293</a>)</li> <li>Update package-lock.json file version to 2 (<a href="https://github-redirect.dependabot.com/actions/upload-artifact/issues/302">#302</a>)</li> </ul> <h3>Breaking Changes</h3> <p>With the update to Node 16, all scripts will now be run with Node 16 rather than Node 12.</p> <h2>v2.3.1</h2> <p>Fix for empty fails on Windows failing on upload <a href="https://github-redirect.dependabot.com/actions/upload-artifact/issues/281">#281</a></p> <h2>v2.3.0 Upload Artifact</h2> <ul> <li>Optimizations for faster uploads of larger files that are already compressed</li> <li>Significantly improved logging when there are chunked uploads</li> <li>Clarifications in logs around the upload size and prohibited characters that aren't allowed in the artifact name or any uploaded files</li> <li>Various other small bugfixes & optimizations</li> </ul> <h2>v2.2.4</h2> <ul> <li>Retry on HTTP 500 responses from the service</li> </ul> <h2>v2.2.3</h2> <ul> <li>Fixes for proxy related issues</li> </ul> <h2>v2.2.2</h2> <ul> <li>Improved retryability and error handling</li> </ul> <h2>v2.2.1</h2> <ul> <li>Update used actions/core package to the latest version</li> </ul> <h2>v2.2.0</h2> <ul> <li>Support for artifact retention</li> </ul> <h2>v2.1.4</h2> <ul> <li>Add Third Party License Information</li> </ul> <h2>v2.1.3</h2> <ul> <li>Use updated version of the <code>@action/artifact</code> NPM package</li> </ul> <h2>v2.1.2</h2> <ul> <li>Increase upload chunk size from 4MB to 8MB</li> <li>Detect case insensitive file uploads</li> </ul> <h2>v2.1.1</h2> <ul> <li>Fix for certain symlinks not correctly being identified as directories before starting uploads</li> </ul> <h2>v2.1.0</h2> <ul> <li>Support for uploading artifacts with multiple paths</li> <li>Support for using exclude paths</li> <li>Updates to dependencies</li> </ul> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/upload-artifact/commit/6673cd052c4cd6fcf4b4e6e60ea986c889389535"><code>6673cd0</code></a> Update <code>lockfileVersion</code> in <code>package-lock.json</code> (<a href="https://github-redirect.dependabot.com/actions/upload-artifact/issues/302">#302</a>)</li> <li><a href="https://github.com/actions/upload-artifact/commit/2244c8200304ec9588bf9399eac622d9fadc28c4"><code>2244c82</code></a> Update to node16 (<a href="https://github-redirect.dependabot.com/actions/upload-artifact/issues/293">#293</a>)</li> <li><a href="https://github.com/actions/upload-artifact/commit/87348cee5fefa95e42e9b4804b4d68e130304158"><code>87348ce</code></a> Add 503 warning when uploading to the same artifact</li> <li>See full diff in <a href="https://github.com/actions/upload-artifact/compare/v2...v3">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/upload-artifact&package-manager=github_actions&previous-version=2&new-version=3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>

…k/lambda-layer-awscli (#19860) Bumps [awscli](https://github.com/aws/aws-cli) from 1.22.87 to 1.22.92. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/aws/aws-cli/blob/develop/CHANGELOG.rst">awscli's changelog</a>.</em></p> <blockquote> <h1>1.22.92</h1> <ul> <li>api-change:<code>mediaconvert</code>: AWS Elemental MediaConvert SDK has added support for the pass-through of WebVTT styling to WebVTT outputs, pass-through of KLV metadata to supported formats, and improved filter support for processing 444/RGB content.</li> <li>api-change:<code>wafv2</code>: Add a new CurrentDefaultVersion field to ListAvailableManagedRuleGroupVersions API response; add a new VersioningSupported boolean to each ManagedRuleGroup returned from ListAvailableManagedRuleGroups API response.</li> <li>api-change:<code>mediapackage-vod</code>: This release adds ScteMarkersSource as an available field for Dash Packaging Configurations. When set to MANIFEST, MediaPackage will source the SCTE-35 markers from the manifest. When set to SEGMENTS, MediaPackage will source the SCTE-35 markers from the segments.</li> </ul> <h1>1.22.91</h1> <ul> <li>api-change:<code>apigateway</code>: ApiGateway CLI command get-usage now includes usagePlanId, startDate, and endDate fields in the output to match documentation.</li> <li>api-change:<code>pi</code>: Adds support for DocumentDB to the Performance Insights API.</li> <li>api-change:<code>sagemaker</code>: Amazon Sagemaker Notebook Instances now supports G5 instance types</li> <li>api-change:<code>docdb</code>: Added support to enable/disable performance insights when creating or modifying db instances</li> <li>api-change:<code>events</code>: Update events command to latest version</li> <li>api-change:<code>personalize</code>: This release provides tagging support in AWS Personalize.</li> </ul> <h1>1.22.90</h1> <ul> <li>api-change:<code>config</code>: Add resourceType enums for AWS::EMR::SecurityConfiguration and AWS::SageMaker::CodeRepository</li> <li>api-change:<code>lambda</code>: This release adds new APIs for creating and managing Lambda Function URLs and adds a new FunctionUrlAuthType parameter to the AddPermission API. Customers can use Function URLs to create built-in HTTPS endpoints on their functions.</li> <li>api-change:<code>kendra</code>: Amazon Kendra now provides a data source connector for Box. For more information, see <a href="https://docs.aws.amazon.com/kendra/latest/dg/data-source-box.html">https://docs.aws.amazon.com/kendra/latest/dg/data-source-box.html</a></li> <li>api-change:<code>panorama</code>: Added Brand field to device listings.</li> </ul> <h1>1.22.89</h1> <ul> <li>api-change:<code>s3control</code>: Documentation-only update for doc bug fixes for the S3 Control API docs.</li> <li>api-change:<code>securityhub</code>: Added additional ASFF details for RdsSecurityGroup AutoScalingGroup, ElbLoadBalancer, CodeBuildProject and RedshiftCluster.</li> <li>api-change:<code>datasync</code>: AWS DataSync now supports Amazon FSx for OpenZFS locations.</li> <li>api-change:<code>fsx</code>: Provide customers more visibility into file system status by adding new "Misconfigured Unavailable" status for Amazon FSx for Windows File Server.</li> </ul> <h1>1.22.88</h1> <ul> <li>api-change:<code>sms</code>: Revised product update notice for SMS console deprecation.</li> <li>api-change:<code>servicecatalog</code>: This release adds ProvisioningArtifictOutputKeys to DescribeProvisioningParameters to reference the outputs of a Provisioned Product and deprecates ProvisioningArtifactOutputs.</li> <li>api-change:<code>iot</code>: AWS IoT - AWS IoT Device Defender adds support to list metric datapoints collected for IoT devices through the ListMetricValues API</li> <li>api-change:<code>proton</code>: SDK release to support tagging for AWS Proton Repository resource</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/aws/aws-cli/commit/6f237017d0d37407fe4750100ae77d7c0a821cf8"><code>6f23701</code></a> Merge branch 'release-1.22.92'</li> <li><a href="https://github.com/aws/aws-cli/commit/f417f945a4474e485eb13c26c2ccd17ef964b42e"><code>f417f94</code></a> Bumping version to 1.22.92</li> <li><a href="https://github.com/aws/aws-cli/commit/749cdb1bd8e873e043eba9e790e42fa7db2ece5c"><code>749cdb1</code></a> Update changelog based on model updates</li> <li><a href="https://github.com/aws/aws-cli/commit/3d0715940805727ca908f7c735e8ce9536096d2a"><code>3d07159</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/aws/aws-cli/issues/6850">#6850</a> from zleidall/develop</li> <li><a href="https://github.com/aws/aws-cli/commit/4b6f7161c0dd20ed29303f887f619a1262ca5768"><code>4b6f716</code></a> Update test for man page string</li> <li><a href="https://github.com/aws/aws-cli/commit/f15cf5f6f1d9ca9b758e06c9926684581699bcc1"><code>f15cf5f</code></a> Merge branch 'release-1.22.91'</li> <li><a href="https://github.com/aws/aws-cli/commit/4997fce662288db6155abf8074a7d0f5e99e1dbb"><code>4997fce</code></a> Merge branch 'release-1.22.91' into develop</li> <li><a href="https://github.com/aws/aws-cli/commit/13d5cdbae40243968a919c757d63fdbd00041add"><code>13d5cdb</code></a> Bumping version to 1.22.91</li> <li><a href="https://github.com/aws/aws-cli/commit/6bd3eeb1844aab1ee25f771a717d2a9fb0e1d312"><code>6bd3eeb</code></a> Update changelog based on model updates</li> <li><a href="https://github.com/aws/aws-cli/commit/4b7d6165608cf31ffa6426f490fe1bf304d35a7b"><code>4b7d616</code></a> Merge branch 'release-1.22.90'</li> <li>Additional commits viewable in <a href="https://github.com/aws/aws-cli/compare/1.22.87...1.22.92">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=awscli&package-manager=pip&previous-version=1.22.87&new-version=1.22.92)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>

---- ### All Submissions: * [ ] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [ ] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/master/INTEGRATION_TESTS.md)? * [ ] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

The resource errors that were encountered during the deployment are very important, and the main errors the users should be paying attention to. They weren't necessarily being given the front and center stage they needed to though. Usually, users would see the following closing error message: ``` The stack named <Stack> failed to deploy: UPDATE_ROLLBACK_COMPLETE ``` Leaving out the actual error messages. Record them as part of the monitor, and add them to the final exception. (Unfortunately, no automated tests as this part of the code isn't really set up to be testable and I don't think investing the effort to make it is worth it right now). ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

feat(aws-lambda): Add support for function URL closes #19798 Refs: 1. https://docs.aws.amazon.com/lambda/latest/dg/urls-configuration.html#urls-cfn 2. https://docs.aws.amazon.com/lambda/latest/dg/API_CreateFunctionUrlConfig.html ---- ### All Submissions: * [x] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [x] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/master/INTEGRATION_TESTS.md)? * [x] Did you use `cdk-integ` to deploy the infrastructure and generate the snapshot (i.e. `cdk-integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

…19771) fixes #18700 ---- ### All Submissions: * [ ] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [ ] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/master/INTEGRATION_TESTS.md)? * [ ] Did you use `cdk-integ` to deploy the infrastructure and generate the snapshot (i.e. `cdk-integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

Currently, the `AWS::Serverless::Function.DeploymentPreference.Hooks` property is defined as a list of strings in the cfnspec. However, it should be an object of `{ PreTraffic: '', PostTraffic: '' }` per the spec [here](https://github.com/aws/serverless-application-model/blob/master/versions/2016-10-31.md#deploymentpreference-object). I updated the tests in `@aws-cdk/aws-sam` to verify the structure. ---- ### All Submissions: * [x] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [ ] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/master/INTEGRATION_TESTS.md)? * [ ] Did you use `cdk-integ` to deploy the infrastructure and generate the snapshot (i.e. `cdk-integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

It is intended that all metric identifiers referenced in a MathExpression are included in the `usingMetrics` map. This allows passing around complex metrics as a single object, because the math expression object carries around its dependencies with it. This is slightly different than what people might be used to from raw CloudWatch, where there is no hierarchy and all metrics are supposed to be listed in the graph widget or alarm with a unique ID, and then referenced by ID. We can't make this contract obvious anymore by adding a hard validation, but we can add warnings to hint people at the right way to reference metrics in math expressions. Fixes #13942, closes #17126. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

…19871) Add code that detects when the CloudFormation template being included contains a cycle between any of its resources. While that's not allowed in pure CloudFormation, Serverless templates can unfortunately contain cycles before they are processed. Fixes #16654 ---- ### All Submissions: * [ ] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [ ] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/master/INTEGRATION_TESTS.md)? * [ ] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

In #19742, we limited the amount of text that the status printer would produce, and tried to get rid of the empty lines at the end of the rewritable block as well. Unfortunately, we scrolled up too far, overwriting the error messages that may occur during resource provisioning. Since these were the only place where error messages were displayed, it is now not possible to see why a stack deployment fails. This PR fixes that. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

Adds a new construct, `IntegTestCase`, to allow integration test authors to define tests with which they can control the test execution workflow. In future iterations, it will also allow authors to register live infrastructure assertions. ---- ### All Submissions: * [x] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [ ] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/master/INTEGRATION_TESTS.md)? * [ ] Did you use `cdk-integ` to deploy the infrastructure and generate the snapshot (i.e. `cdk-integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

This PR adds a couple of enhancements to the `integ-runner` 1. Add `--profiles` option which allows you to provide a list of AWS profiles to use. This will be used in combination with the `--parallel-regions` option to run the integration tests in parallel across multiple accounts + regions. 2. Adds `--from-file` option that allows you to store a list of tests to run (or exclude) in a file, rather than passing test names as arguments. 3. Adds `--exclude` option, which when provided will excluded the tests provided as arguments 4. Adds some additional metrics. Now each test will show the total time in the logs. Also, if `--verbose` option is provided a summary will be printed which will contain metrics for the entire test. ```bash --- Integration test metrics --- Profile mb-dev + Region us-east-2 total time: 349.866 test/integ.bundling.js: 58.75 test/integ.lambda-insights-mapping.js: 61.012 test/integ.assets.lit.js: 61.121 test/integ.lambda.docker.js: 81.936 test/integ.log-retention.js: 87.047 Profile mb-dev + Region us-west-2 total time: 359.775 test/integ.layer-version.lit.js: 72.61 test/integ.autoscaling.lit.js: 82.82 test/integ.current-version.js: 84.982 test/integ.lambda.js: 119.363 Profile mb-dev + Region us-east-1 total time: 378.713 test/integ.assets.file.js: 67.915 test/integ.runtime.inlinecode.js: 68.211 ``` There are also a couple of small refactors. 1. Split up `workers.test.ts` into `snapshot-worker.test.ts` and `integ-worker.test.ts` 2. Refactored the `extract_workers` functions. There used to be two functions `snapshotTestBatch` and `integTestBatch` which called `singleThreadedXXX` functions. Since each request is essentially single threaded I've moved the `singleThreadedXXX` functions into `extract_worker` and renamed them to be `integTestWorker` and `snapshotTestWorker` ---- ### All Submissions: * [x] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [ ] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/master/INTEGRATION_TESTS.md)? * [ ] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

Related to #19234. This improves the log wording so it's more clear this is not a "hard stop" error, and switch the log level to "trace" so it won't be shown in as many ordinary logs as a false positive error. ---- ### All Submissions: * [ ] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [ ] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/master/INTEGRATION_TESTS.md)? * [ ] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

…" (#19888) Reverts [glob-style context key matching](#19840) as it caused one of existing [integration tests](#19840) to fail. refs: edb4119. ---- ### All Submissions: * [ ] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [ ] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/master/INTEGRATION_TESTS.md)? * [ ] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

fixes #16531 verified that cfnspec includes `opensearchservice::domain` and that sdk version is > 2.985.0 (currently 2.1001.0) ---- ### All Submissions: * [ ] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [ ] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/master/INTEGRATION_TESTS.md)? * [ ] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

…Models (#19885) fixes #19870 ---- ### All Submissions: * [ ] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [ ] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/master/INTEGRATION_TESTS.md)? * [ ] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

…sual flow chart (#19883) View rich diff to see mermaid in action. ---- ### All Submissions: * [ ] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [ ] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/master/INTEGRATION_TESTS.md)? * [ ] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

Solution to #13156 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

---- ### All Submissions: * [x] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [ ] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/master/INTEGRATION_TESTS.md)? * [ ] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

Add support to launch an Auto Scaling Group from a Launch Template rather than a launch configuration. Closes #6734. ---- High level designs: The current AutoScalingGroup L2 construct, unfortunately, is deeply coupled with LaunchConfiguration. Therefore adding LaunchTemplate to the existing construct is not trivial. There are two different approaches to support LaunchTemplate: 1. Implement another brand new L2 construct with `IAutoScalingGroup` interface. The shared logic between the old and the new one such as adding scaling policies can be extracted to a common parent class. 2. Add LaunchTemplate related interface to the existing L2 construct with minimum breaking changes. Adding a new construct is always guaranteed to be a clean solution code-wise, but it can also cause confusion from the end user about scattered CDK implementation on the same CFN resource, and on the other hand breaks the existing libraries consuming the existing `AutoScalingGroup` construct rather than the `IAutoScalingGroup` interface. Adding LT to the existing construct, as what this PR does, however may change the API behaviour when LT is used. For example, the implementation in this PR turns `AutoScalingGroup.connections` from a public field to a public getter, and will throw an error when the ASG is created from a LT reference, which means existing libraries taking an `AutoScalingGroup` instance as an `IConnectable` will get runtime error in this case. Existing code (i.e. ASG created from the L2 construct with a LC rather than a LT) won't break with this change. This PR picks the latter approach since I believe it provides a better experience overall, mainly because of its continuity. ---- BREAKING CHANGE: Properties relying on a launch configuration are now either optional or turned into throwable getters * **autoscaling:** `AutoScalingGroupProps.instanceType` is now optional * **autoscaling:** `AutoScalingGroupProps.machineImage` is now optional * **autoscaling:** `AutoScalingGroup.connections` is now a throwable getter * **autoscaling:** `AutoScalingGroup.role` is now a throwable getter * **autoscaling:** `AutoScalingGroup.userData` is now a throwable getter ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

…rywhere (#19799) This generalises the fix of #13299 by creating a `IRepository.repositoryUriForTagOrDigest` function that detects whether something looks like a digest (starts with `sha256:`) or is a tag, and formats the URI with `@` or `:` as appropriate. This function is then used in most places that previously called `repositoryUriForTag`, meaning they can use image digests in addition to tags. The one remain real call is in aws-ecs's `TagParameterContainerImage`. This includes aws-lambda's `EcrImageCode`, and thus closes #15333. ---- ### All Submissions: * [x] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [ ] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/master/INTEGRATION_TESTS.md)? * [ ] Did you use `cdk-integ` to deploy the infrastructure and generate the snapshot (i.e. `cdk-integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

When writing the cloudformation-diff module, it was assumed that resources would never change their CloudFormation types between deployments. As it turns out, there is a legitimate case for resources changing types, and that's when you migrate from a template that uses Transforms (like the Serverless Transform) to one that doesn't use them. Because of that, handle the case of resources changing types in diff. Fixes #13921 ---- ### All Submissions: * [x] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [ ] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/master/INTEGRATION_TESTS.md)? * [ ] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

…third-party Git sources (#19408) [Documentation](https://docs.aws.amazon.com/codebuild/latest/userguide/create-project-cli.html#cli.source.buildstatusconfig.context) The idea is to be able to customise the Github "check" through the context parameter I linked in the AWS doc. #19403

This PR adds an "update path" workflow to the integration test workflow. When a change is being made to an existing integration test we want to be able to ensure that the change not only works for _new_ stacks, but also with _existing_ stacks. In order to accomplish this, the runner will first deploy the existing snapshot (i.e. `cdk deploy --app /path/to/snapshot`) and then perform a stack update by deploying the integration test. The update path can be disabled by passing the `--disable-update-path` command line option. This PR adds a couple of pieces of functionality in order to enable testing the "update path". 1. The runner will attempt to checkout the snapshot from the origin before running the test. This is to try and make sure that you are actually testing an update of the existing snapshot and not an intermediate snapshot (e.g. if you have been iterating locally). 2. When the runner performs the snapshot diff, it will check for any destructive changes and return that information as a warning to the user. 3. If any destructive changes are found, the runner will record that information as trace metadata in the `manifest.json` file. This will enable us to create automation that checks for this as part of the PR workflow Added logic to include the `allowDestroy` option in items 2 & 3 above. If a resource type is included in the `allowDestroy` list, then it will not be reported. ---- ### All Submissions: * [x] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [ ] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/master/INTEGRATION_TESTS.md)? * [ ] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

…n guide (#19907) ---- ### All Submissions: * [x] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [ ] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/master/INTEGRATION_TESTS.md)? * [ ] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

Add a `transitionToEnabled` options to disable transition to a stage. A reason can be optionally specified with `transitionDisabledReason`. Closes #1649 ---- ### All Submissions: * [x] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [x] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/master/INTEGRATION_TESTS.md)? * [x] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

…ker images (#20439) This PR adds support for specifying the desired build platform when building docker images (ie: build an arm64 image on an amd64/x86_64 host). Closes #12472 This PR does NOT touch Lambda builders, only ECR assets. #16770 attempted to implement support for ECR and Lambda but was abandoned. Meanwhile #16858 implemented lambda platform support. This implements the ECR side I have run `yarn integ` ---- ### All Submissions: * [x] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [x] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/master/INTEGRATION_TESTS.md)? * [x] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

---- ### All Submissions: * [ ] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [ ] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/master/INTEGRATION_TESTS.md)? * [ ] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

We were trying to save time by re-using a previously synthed cloud assembly if it existed, but we should not be doing this. When we perform the deployment we could be using new settings (or context) that needs to be applied to the synth. ---- ### All Submissions: * [ ] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [ ] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/master/INTEGRATION_TESTS.md)? * [ ] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

This PR switches the `integ-runner` package from private to public. ---- ### All Submissions: * [ ] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [ ] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/master/INTEGRATION_TESTS.md)? * [ ] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

If you run `integ-runner --update-on-failed` and the test succeeds, then the cli should not return an exit code. re #20384 ---- ### All Submissions: * [ ] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [ ] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/master/INTEGRATION_TESTS.md)? * [ ] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

Error message gives the incorrect field depsFileLockPath Should be depsLockFilePath ---- ### All Submissions: * [X] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: None. * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features None. * [ ] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/master/INTEGRATION_TESTS.md)? * [ ] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* Yep.

See [CHANGELOG](https://github.com/aws/aws-cdk/blob/bump/1.158.0/CHANGELOG.md)

In case user does not have entry in `/etc/passwd` the `os.userInfo()` call will throw `SystemError` exception as documented: https://nodejs.org/docs/latest-v16.x/api/os.html#osuserinfooptions Fixes #19401 issue. It can be tested inside Docker for ad-hoc 1234 user ID: ```sh docker run -u 1234 -e CDK_HOME=/tmp npm run cdk diff ``` The `CDK_HOME=/tmp` is a workaround for #7937 issue, where CDK complains that it can't write cached info in user homedir, because it does not exists. Once #7937 will be fixed then #19401 will most likely hit users. However above workaround is a viable option. Hence those two issues are related, but not duplicated. ---- ### All Submissions: * [x] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md) Yes, followed the guide. ### Adding new Unconventional Dependencies: * [x] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md/#adding-new-unconventional-dependencies) No new dependencies. ### New Features * [x] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/master/INTEGRATION_TESTS.md)? * [x] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? No, it's a bugfix, not a feature. *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

…sgCapacityProvider constructor (#20522) Fixes #20293 When adding an AsgCapacityProvider the property `canContainersAccessInstanceRole` is only checked when passed in via the method `addAsgCapacityProvider`. It is ignored when passing the property via the instantiation of an AsgCapacityProvider. In this PR I added, that if either one way (method or constructor) has got the property set - it is respected in the outcome. For more details please see the issue #20293 I decided **not** to omit the property on the class level because it would bring in breaking changes. ---- ### All Submissions: * [x] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [x] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/master/INTEGRATION_TESTS.md)? * [x] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

See [CHANGELOG](https://github.com/aws/aws-cdk/blob/merge-back/1.158.0/CHANGELOG.md)

#20456) Fixed: #20458 I found `fromServiceAtrributes`. I fixed to `fromServiceAttributes` ---- ### All Submissions: * [x] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [ ] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/master/INTEGRATION_TESTS.md)? * [ ] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

…/lambda-layer-awscli (#20542) Bumps [awscli](https://github.com/aws/aws-cli) from 1.24.5 to 1.24.10. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/aws/aws-cli/blob/develop/CHANGELOG.rst">awscli's changelog</a>.</em></p> <blockquote> <h1>1.24.10</h1> <ul> <li>api-change:<code>appflow</code>: Adding the following features/changes: Parquet output that preserves typing from the source connector, Failed executions threshold before deactivation for scheduled flows, increasing max size of access and refresh token from 2048 to 4096</li> <li>api-change:<code>sagemaker</code>: Amazon SageMaker Notebook Instances now allows configuration of Instance Metadata Service version and Amazon SageMaker Studio now supports G5 instance types.</li> <li>api-change:<code>datasync</code>: AWS DataSync now supports TLS encryption in transit, file system policies and access points for EFS locations.</li> <li>api-change:<code>emr-serverless</code>: This release adds support for Amazon EMR Serverless, a serverless runtime environment that simplifies running analytics applications using the latest open source frameworks such as Apache Spark and Apache Hive.</li> </ul> <h1>1.24.9</h1> <ul> <li>api-change:<code>ec2</code>: C7g instances, powered by the latest generation AWS Graviton3 processors, provide the best price performance in Amazon EC2 for compute-intensive workloads.</li> <li>api-change:<code>emr-serverless</code>: This release adds support for Amazon EMR Serverless, a serverless runtime environment that simplifies running analytics applications using the latest open source frameworks such as Apache Spark and Apache Hive.</li> <li>api-change:<code>forecast</code>: Introduced a new field in Auto Predictor as Time Alignment Boundary. It helps in aligning the timestamps generated during Forecast exports</li> <li>api-change:<code>lightsail</code>: Amazon Lightsail now supports the ability to configure a Lightsail Container Service to pull images from Amazon ECR private repositories in your account.</li> </ul> <h1>1.24.8</h1> <ul> <li>api-change:<code>secretsmanager</code>: Documentation updates for Secrets Manager</li> <li>api-change:<code>sagemaker</code>: Amazon SageMaker Autopilot adds support for manually selecting features from the input dataset using the CreateAutoMLJob API.</li> <li>api-change:<code>apprunner</code>: Documentation-only update added for CodeConfiguration.</li> <li>api-change:<code>apigateway</code>: Documentation updates for Amazon API Gateway</li> <li>api-change:<code>fsx</code>: This release adds root squash support to FSx for Lustre to restrict root level access from clients by mapping root users to a less-privileged user/group with limited permissions.</li> <li>api-change:<code>lookoutmetrics</code>: Adding AthenaSourceConfig for MetricSet APIs to support Athena as a data source.</li> <li>api-change:<code>voice-id</code>: VoiceID will now automatically expire Speakers if they haven't been accessed for Enrollment, Re-enrollment or Successful Auth for three years. The Speaker APIs now return a "LastAccessedAt" time for Speakers, and the EvaluateSession API returns "SPEAKER_EXPIRED" Auth Decision for EXPIRED Speakers.</li> <li>api-change:<code>cloudformation</code>: Add a new parameter statusReason to DescribeStackSetOperation output for additional details</li> </ul> <h1>1.24.7</h1> <ul> <li>api-change:<code>ec2</code>: Stop Protection feature enables customers to protect their instances from accidental stop actions.</li> <li>api-change:<code>cognito-idp</code>: Amazon Cognito now supports requiring attribute verification (ex. email and phone number) before update.</li> <li>api-change:<code>mediaconvert</code>: AWS Elemental MediaConvert SDK has added support for rules that constrain Automatic-ABR rendition selection when generating ABR package ladders.</li> <li>api-change:<code>networkmanager</code>: This release adds Multi Account API support for a TGW Global Network, to enable and disable AWSServiceAccess with AwsOrganizations for Network Manager service and dependency CloudFormation StackSets service.</li> <li>api-change:<code>ivschat</code>: Doc-only update. For MessageReviewHandler structure, added timeout period in the description of the fallbackResult field</li> </ul> <h1>1.24.6</h1> <ul> <li>api-change:<code>forecast</code>: New APIs for Monitor that help you understand how your predictors perform over time.</li> <li>api-change:<code>elasticache</code>: Added support for encryption in transit for Memcached clusters. Customers can now launch Memcached cluster with encryption in transit enabled when using Memcached version 1.6.12 or later.</li> <li>api-change:<code>personalize</code>: Adding modelMetrics as part of DescribeRecommender API response for Personalize.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/aws/aws-cli/commit/61acbef818708342d76580aafa397fd2259c5e72"><code>61acbef</code></a> Merge branch 'release-1.24.10'</li> <li><a href="https://github.com/aws/aws-cli/commit/fd11aff77939a164795a03d2b7c7a7e63b11216d"><code>fd11aff</code></a> Bumping version to 1.24.10</li> <li><a href="https://github.com/aws/aws-cli/commit/4db48c443eb427402d2965215fbdce4b65629cad"><code>4db48c4</code></a> Update changelog based on model updates</li> <li><a href="https://github.com/aws/aws-cli/commit/c9cedb190b42c3aa17e003129d82b941c78fa48a"><code>c9cedb1</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/aws/aws-cli/issues/3822">#3822</a> from mkrn/develop</li> <li><a href="https://github.com/aws/aws-cli/commit/7f04197b433b36534460935822ee25aef081bc30"><code>7f04197</code></a> Merge branch 'release-1.24.9'</li> <li><a href="https://github.com/aws/aws-cli/commit/faafcb1fc2613988b6792a383c112e4e9d06c9a8"><code>faafcb1</code></a> Merge branch 'release-1.24.9' into develop</li> <li><a href="https://github.com/aws/aws-cli/commit/4c2441303cf52a060987d1527e52cb454d51760f"><code>4c24413</code></a> Bumping version to 1.24.9</li> <li><a href="https://github.com/aws/aws-cli/commit/2db57f754943a06994177a6cf85875cf112fa853"><code>2db57f7</code></a> Update changelog based on model updates</li> <li><a href="https://github.com/aws/aws-cli/commit/d9f828cbc080f3d5629df4578654ec7fb9f8d03e"><code>d9f828c</code></a> Add support for aws cloudformation package of AWS::AppSync::FunctionConfigura...</li> <li><a href="https://github.com/aws/aws-cli/commit/20348b2870e28215b941a39905474b4ce34479c7"><code>20348b2</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/aws/aws-cli/issues/4353">#4353</a> from yoshiken/delete_unused_variable</li> <li>Additional commits viewable in <a href="https://github.com/aws/aws-cli/compare/1.24.5...1.24.10">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=awscli&package-manager=pip&previous-version=1.24.5&new-version=1.24.10)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>

…and-line (#20523) Snapshot errors --------------- The constructor of `IntegSnapshotRunner` calls `loadManifest()`, which on my computer happened to fail and stopped the entire test suite because this error happened outside the `try/catch` block. Same for the integ runner itself. Move it inside the try/catch block, needed a bit of refactoring to make sure we could still get at the test name. `--from-file` ------------- Instead of having `--from-file` require a JSON file with its own structure, interpret it as a text file which gets treated exactly the same as the `[TEST [..]]` arguments on the command line. This still allows for the `--exclude` behavior by setting that flag on the command-line. Also be very liberal on the pattern (file name or test name or display name) that we accept, encoded in the `IntegTest.matches()` class. Refactoring ----------- Moved the logic around determining test names and directories into a class (`IntegTest`) which is a convenience class on top of a static data record (`IntegTestInfo`). The split between data and logic is so that we can pass the data to worker threads where we can hydrate the helper class on top again. I tried to be consistent: in memory, all the fields are with respect to `process.cwd()`, so valid file paths in the current process. Only when they are passed to the CLI wrapper are the paths made relative to the CLI wrapper directory. Print snapshot validations that are running for a long time (1 minute). This helps diagnose what is stuck, if anything is. On my machine, it was tests using Docker because there was some issue with it, and this lost me a day. Also change the test reporting formatting slightly. -------------- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

Add the `UserPoolIdentityProviderOidc` class to create an OpenID Connect identity provider for user pools. ---- ### All Submissions: * [x] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [x] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/master/INTEGRATION_TESTS.md)? * [x] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

) Fixes (other half - see #20425) of #20372. This implements the `objectSizeLessThan` property for a S3 lifecycle rule. ---- ### All Submissions: * [x] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [x] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/master/INTEGRATION_TESTS.md)? * [x] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

This commits adds Lambda Insights layer version 1.0.135.0 for x86 and arm. Ref: - https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Lambda-Insights-extension-versionsx86-64.html#Lambda-Insights-extension-1.0.135.0 - https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Lambda-Insights-extension-versionsARM.html#Lambda-Insights-extension-ARM-1.0.135.0 ---- ### All Submissions: * [x] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [ ] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/master/INTEGRATION_TESTS.md)? * [ ] Did you use `cdk-integ` to deploy the infrastructure and generate the snapshot (i.e. `cdk-integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

Fixes #19098. This introduces two bug fixes that are hidden behind a feature flag to preserve the current hash: - lambda layer order is ignored by the hash now - lambda layer version is included in the hash (along with other lambda layer attributes) I also added a few more tests around this area to confirm the current behavior which should help demonstrate what the feature flag will change. ---- ### All Submissions: * [x] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [ ] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/master/INTEGRATION_TESTS.md)? * [ ] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

When using `Stack.exportValue` to manually create a CloudFormation export, the logicalId of the referenced resource is used to generate the logicalId of the `CfnExport`. Because `exportValue` creates a `CfnExport` _and_ returns an `importValue` it needs to _resolve_ the logicalId at call time. If the user later overrides the logicalId of the referenced resource, that override is reflected in the export/import that was created earlier. There doesn't seem to be a way to solve this without incurring a breaking change so this PR attempts to smooth a rough edge by "locking" the `logicalId` when `exportValue` is called. If the user attempts to override the id _after_ that point, an error message will be thrown closes #14335 ---- ### All Submissions: * [x] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [ ] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/master/INTEGRATION_TESTS.md)? * [ ] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

…#20563) #20439 added support for the --platform option for docker build but the platform prop was not properly passed through when using the new DefaultStackSynthesizer. ---- ### All Submissions: * [x] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [ ] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/master/INTEGRATION_TESTS.md)? * [ ] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

…20497) The solution I went with in this PR was to try and keep the provided id set on the `ImmutableRole` instead of the `Import` role. This should also keep backwards compatibility by only changing the id of the `Import` role if we are returning an `ImmutableRole`. fixes #7255 ---- ### All Submissions: * [ ] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [ ] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/master/INTEGRATION_TESTS.md)? * [ ] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

…irst target (#20479) If the `EventBus` constructor is called with no arguments, then attaching more than a single target to its policy will silently fail to add them. This is because of a strange edge case in the implementation that was not accounted for previously; it is possible for `props.role` to be `undefined`, yet `singletonEventRole()` is still capable of finding the desired role. `singletonEventRole()` does not add the new statements to any IAM policies that it finds, so as a result adding multiple targets does not add any of them. Fixes #19407. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

pull bot added the ⤵️ pull label Feb 11, 2022

dependabot bot and others added 29 commits April 11, 2022 13:48

fix(iam): role/group/user's path not included in ARN (#13258)

ef2b480

Solution to #13156 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

docs(cfnspec): update CloudFormation documentation (#19895)

31115d2

docs(cfnspec): update CloudFormation documentation (#19910)

c421a5f

joeflateau and others added 27 commits May 26, 2022 13:21

chore(release): 1.158.0

7a01099

docs(cfnspec): update CloudFormation documentation (#20519)

953afa9

chore: empty commit to trigger pr build

df419ba

chore(release): 1.158.0 (#20517)

ab28878

See [CHANGELOG](https://github.com/aws/aws-cdk/blob/bump/1.158.0/CHANGELOG.md)

Merge branch 'master' into merge-back/1.158.0

a4318e1

chore(merge-back): 1.158.0 (#20529)

d1242a1

See [CHANGELOG](https://github.com/aws/aws-cdk/blob/merge-back/1.158.0/CHANGELOG.md)

docs(cfnspec): update CloudFormation documentation (#20540)

3a0077e

chore(lambda-nodejs): fix typo (#20557)

27fdaf1

TheRealAmazonKendra deleted the branch eduardomourar:master June 1, 2022 19:30

TheRealAmazonKendra deleted the master branch June 1, 2022 19:30

mrgrain deleted the branch eduardomourar:master July 21, 2023 16:40

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[pull] master from aws:master #457

[pull] master from aws:master #457

pull bot commented Feb 11, 2022 •

edited

Loading

[pull] master from aws:master #457

Are you sure you want to change the base?

[pull] master from aws:master #457

Conversation

pull bot commented Feb 11, 2022 • edited Loading

pull bot commented Feb 11, 2022 •

edited

Loading