chore(release): 2.115.0 #28362

aws-cdk-automation · 2023-12-14T10:50:02Z

Adding new author to .mergify.yml and .github-merit-badger.yml as per contribution guidelines. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

> REPLACE THIS TEXT BLOCK > > Describe the reason for this change, what the solution is, and any > important design decisions you made. > > Remember to follow the [CONTRIBUTING GUIDE] and [DESIGN GUIDELINES] for any > code you submit. > > [CONTRIBUTING GUIDE]: https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md > [DESIGN GUIDELINES]: https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md Closes #<issue number here>. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

Deletes the `aws-apigatewayv2-alpha`, `aws-apigatewayv2-authorizers-alpha`, and `aws-apigatewayv2-integrations-alpha` modules since they have now been [stabilized](#28094). Also removes references to these deprecated alpha modules. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

See [CHANGELOG](https://github.com/aws/aws-cdk/blob/merge-back/2.114.0/CHANGELOG.md)

…ing (#21249) (#27523) …ing (#21249) Improve the `CustomResource` implementation that manages the `Route53`'s `NS` Records on the Account that host the parent `HostedZone` to consider renaming cases in which updates and deletes are both required. Closes #21249. This is related to #25285 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

README in `aws-stepfunctions-tasks` module was removed by [this commit](8622ee8). I think this is a mistake and I will reinstate it. And I changed to use new module for `apigatewayv2` in the README. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

See [CHANGELOG](https://github.com/aws/aws-cdk/blob/merge-back/2.114.1/CHANGELOG.md)

…28269) Adding a deploy method to the configuration construct to allow deployments on a config at any time after creation. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

#28275) Instead of throwing the descriptive error, we throw: ``` ReferenceError: name is not defined ``` We meant to use `submodule.name`, not `name`. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

This PR supports RDS for SQL Server 16.00.4095.4.v1. ``` ❯ aws rds describe-db-engine-versions --engine sqlserver-ee --query "DBEngineVersions[?EngineVersion=='16.00.4095.4.v1'].[DBEngineVersionDescription,EngineVersion,DBParameterGroupFamily,MajorEngineVersion,Status]" [ [ "SQL Server 2022 16.00.4095.4.v1", "16.00.4095.4.v1", "sqlserver-ee-16.0", "16.00", "available" ] ] ``` ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

We should fix our sdk v3 version and not update it frequently.

Ran npm-check-updates and yarn upgrade to keep the `yarn.lock` file up-to-date.

… cluster is placed in a public subnet (#28038) This change fixes the incorrect behavior as explained in #28037. Using null coalescing operator in TypeScript will use the original value of `publiclyAccessible` set on the `ServerlessV2ClusterInstanceProps`. Closes #28037. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

Upon a refactor of the `UserTablePrivilieges` now using `tableId` to record changes, this fix will essentially allow table names to be changed. Closes #24246. BREAKING CHANGE: Further updates of the Redshift table will fail for existing tables, if the table name is changed. Therefore, changing the table name for existing Redshift tables have been disabled. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

…Tags permission for SageMakerCreateTransformJob task (#27264) If we specified RUN_JOB as IntegrationPattern prop for SageMakerCreateTransformJob construct, StepFunctions executes SageMaker batch transform job [synchronously](https://docs.aws.amazon.com/step-functions/latest/dg/connect-to-resource.html#connect-sync). In this case, StepFunctions add a tag (key: MANAGED_BY_AWS, value: STARTED_BY_STEP_FUNCTIONS) to the job, so state machine role needs the permission to do that. However, currently CDK does not add the permission automatically. This PR solves the issue by adding `sagemaker:AddTags` permission to state machine role when RUN_JOB is specified as IntegrationPattern prop. Closes #26012 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

aws-logs added a new optional property `logGroupClass` to `AWS::Logs::LogGroup` object. This PR is to update the comment of this property. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

Truly ugly errors that weren't even consistent, just consistently off. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

Adds support for `BOTTLEROCKET_ARM_64_NVIDIA` and `BOTTLEROCKET_x86_64_NVIDIA` AMI types. Closes #28241. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

update to public roadmap ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

This PR includes breaking changes to the `aws-scheduler-alpha` module. ## Description This PR introduces breaking changes by correcting typos in the method names of the Schedule and Group constructs. Specifically, the method name `metricSentToDLQTrunacted` has been changed to `metricSentToDLQTruncated`, and `metricAllSentToDLQTrunacted` has been changed to `metricAllSentToDLQTruncated`. https://docs.aws.amazon.com/scheduler/latest/UserGuide/monitoring-cloudwatch.html BREAKING CHANGE: The typos in the Schedule and Group construct method names have been fixed, changing `metricSentToDLQTrunacted` to `metricSentToDLQTruncated` and `metricAllSentToDLQTrunacted` to `metricAllSentToDLQTruncated`. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

And remove outdated information. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --------- Signed-off-by: Vinayak Kukreja <vinakuk@amazon.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> Co-authored-by: Vinayak Kukreja <vinakuk@amazon.com>

Fixing extensions CDK diff since before it would always generate a new diff even if nothing changed. Closes #27676. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

…28324) Currently it's very difficult to figure out which PR introduced a specific change to the model. Ideally the changelog would be in a nice narrative form suitable for humans, but in lack of a tool that produces this, the "raw" database diff is better than nothing. Test-run: https://github.com/aws/aws-cdk/actions/runs/7168292995 #28326 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

Clarify some preferred strategies for our design process for contributors. Highlight readme driven development as the preferred route for new L2s in existing services and third party package publishing for anything else. Additionally remove the strict requirement of an RFC for any L2 contribution. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

…28299) As written in #6404, a VPC link integration fails to deploy unless we set `integrationHttpMethod` prop explicitly. In this PR we fix the sample code accordingly. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

Update AWS Service Spec packages to latest versions **@aws-cdk/aws-service-spec changes:** ``` ├[~] service aws-autoscaling │ └ resources │ ├[~] resource AWS::AutoScaling::AutoScalingGroup │ │ └ types │ │ └[~] type InstanceRequirements │ │ └ properties │ │ ├ MemoryMiB: - MemoryMiBRequest │ │ │ + MemoryMiBRequest (required) │ │ └ VCpuCount: - VCpuCountRequest │ │ + VCpuCountRequest (required) │ └[~] resource AWS::AutoScaling::ScalingPolicy │ └ types │ └[~] type MetricStat │ └ - documentation: `MetricStat` is a property of the [AWS::AutoScaling::ScalingPolicy MetricDataQuery](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-autoscaling-scalingpolicy-metricdataquery.html) property type. │ This structure defines the CloudWatch metric to return, along with the statistic, period, and unit. │ For more information about the CloudWatch terminology below, see [Amazon CloudWatch concepts](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html) in the *Amazon CloudWatch User Guide* . │ + documentation: `MetricStat` is a property of the [AWS::AutoScaling::ScalingPolicy MetricDataQuery](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-autoscaling-scalingpolicy-metricdataquery.html) property type. │ This structure defines the CloudWatch metric to return, along with the statistic and unit. │ For more information about the CloudWatch terminology below, see [Amazon CloudWatch concepts](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html) in the *Amazon CloudWatch User Guide* . ├[~] service aws-billingconductor │ └ resources │ └[~] resource AWS::BillingConductor::CustomLineItem │ └ properties │ └[+] AccountId: string (immutable) ├[~] service aws-cleanrooms │ └ resources │ ├[~] resource AWS::CleanRooms::Collaboration │ │ ├ properties │ │ │ └ CreatorPaymentConfiguration: (documentation changed) │ │ └ types │ │ ├[~] type MemberSpecification │ │ │ └ properties │ │ │ └ PaymentConfiguration: (documentation changed) │ │ ├[~] type PaymentConfiguration │ │ │ ├ - documentation: undefined │ │ │ │ + documentation: An object representing the collaboration member's payment responsibilities set by the collaboration creator. │ │ │ └ properties │ │ │ └ QueryCompute: (documentation changed) │ │ └[~] type QueryComputePaymentConfig │ │ ├ - documentation: undefined │ │ │ + documentation: An object representing the collaboration member's payment responsibilities set by the collaboration creator for query compute costs. │ │ └ properties │ │ └ IsResponsible: (documentation changed) │ └[~] resource AWS::CleanRooms::Membership │ ├ properties │ │ └ PaymentConfiguration: (documentation changed) │ └ types │ ├[~] type MembershipPaymentConfiguration │ │ ├ - documentation: undefined │ │ │ + documentation: An object representing the payment responsibilities accepted by the collaboration member. │ │ └ properties │ │ └ QueryCompute: (documentation changed) │ └[~] type MembershipQueryComputePaymentConfig │ ├ - documentation: undefined │ │ + documentation: An object representing the payment responsibilities accepted by the collaboration member for query compute costs. │ └ properties │ └ IsResponsible: (documentation changed) ├[~] service aws-cloudformation │ └ resources │ └[~] resource AWS::CloudFormation::StackSet │ └ types │ └[~] type OperationPreferences │ └ properties │ └ RegionOrder: (documentation changed) ├[~] service aws-cloudtrail │ └ resources │ └[~] resource AWS::CloudTrail::EventDataStore │ └ properties │ ├[+] FederationEnabled: boolean │ └[+] FederationRoleArn: string ├[~] service aws-codedeploy │ └ resources │ └[~] resource AWS::CodeDeploy::DeploymentConfig │ ├ - documentation: The `AWS::CodeDeploy::DeploymentConfig` resource creates a set of deployment rules, deployment success conditions, and deployment failure conditions that AWS CodeDeploy uses during a deployment. The deployment configuration specifies, through the use of a `MinimumHealthyHosts` value, the number or percentage of instances that must remain available at any time during a deployment. │ │ + documentation: The `AWS::CodeDeploy::DeploymentConfig` resource creates a set of deployment rules, deployment success conditions, and deployment failure conditions that AWS CodeDeploy uses during a deployment. The deployment configuration specifies the number or percentage of instances that must remain available at any time during a deployment. │ ├ properties │ │ └[+] ZonalConfig: ZonalConfig (immutable) │ └ types │ ├[+] type MinimumHealthyHostsPerZone │ │ ├ name: MinimumHealthyHostsPerZone │ │ └ properties │ │ ├Value: integer (required) │ │ └Type: string (required) │ └[+] type ZonalConfig │ ├ name: ZonalConfig │ └ properties │ ├FirstZoneMonitorDurationInSeconds: integer │ ├MonitorDurationInSeconds: integer │ └MinimumHealthyHostsPerZone: MinimumHealthyHostsPerZone ├[~] service aws-connect │ └ resources │ └[~] resource AWS::Connect::Instance │ ├ - tagInformation: undefined │ │ + tagInformation: {"tagPropertyName":"Tags","variant":"standard"} │ └ properties │ └[+] Tags: Array<tag> ├[~] service aws-dlm │ └ resources │ └[~] resource AWS::DLM::LifecyclePolicy │ ├ properties │ │ └ DefaultPolicy: (documentation changed) │ └ types │ └[~] type PolicyDetails │ └ properties │ └ PolicyType: (documentation changed) ├[~] service aws-dms │ └ resources │ ├[+] resource AWS::DMS::DataProvider │ │ ├ name: DataProvider │ │ │ cloudFormationType: AWS::DMS::DataProvider │ │ │ documentation: Resource schema for AWS::DMS::DataProvider │ │ │ tagInformation: {"tagPropertyName":"Tags","variant":"standard"} │ │ ├ properties │ │ │ ├DataProviderName: string │ │ │ ├DataProviderIdentifier: string │ │ │ ├Description: string │ │ │ ├Engine: string (required) │ │ │ ├ExactSettings: boolean (default=false) │ │ │ ├Settings: Settings │ │ │ └Tags: Array<tag> │ │ ├ attributes │ │ │ ├DataProviderArn: string │ │ │ └DataProviderCreationTime: string │ │ └ types │ │ ├type Settings │ │ │├ documentation: PostgreSqlSettings property identifier. │ │ ││ name: Settings │ │ │└ properties │ │ │ └PostgreSqlSettings: PostgreSqlSettings │ │ └type PostgreSqlSettings │ │ ├ name: PostgreSqlSettings │ │ └ properties │ │ ├ServerName: string │ │ ├Port: integer │ │ ├DatabaseName: string │ │ ├SslMode: string │ │ └CertificateArn: string │ ├[+] resource AWS::DMS::InstanceProfile │ │ ├ name: InstanceProfile │ │ │ cloudFormationType: AWS::DMS::InstanceProfile │ │ │ documentation: Resource schema for AWS::DMS::InstanceProfile. │ │ │ tagInformation: {"tagPropertyName":"Tags","variant":"standard"} │ │ ├ properties │ │ │ ├InstanceProfileIdentifier: string │ │ │ ├AvailabilityZone: string │ │ │ ├Description: string │ │ │ ├KmsKeyArn: string │ │ │ ├PubliclyAccessible: boolean (default=false) │ │ │ ├NetworkType: string │ │ │ ├InstanceProfileName: string │ │ │ ├SubnetGroupIdentifier: string │ │ │ ├VpcSecurityGroups: Array<string> │ │ │ └Tags: Array<tag> │ │ └ attributes │ │ ├InstanceProfileArn: string │ │ └InstanceProfileCreationTime: string │ └[+] resource AWS::DMS::MigrationProject │ ├ name: MigrationProject │ │ cloudFormationType: AWS::DMS::MigrationProject │ │ documentation: Resource schema for AWS::DMS::MigrationProject │ │ tagInformation: {"tagPropertyName":"Tags","variant":"standard"} │ ├ properties │ │ ├MigrationProjectName: string │ │ ├MigrationProjectIdentifier: string │ │ ├MigrationProjectCreationTime: string (deprecated=WARN) │ │ ├InstanceProfileIdentifier: string │ │ ├InstanceProfileName: string │ │ ├InstanceProfileArn: string │ │ ├TransformationRules: string │ │ ├Description: string │ │ ├SchemaConversionApplicationAttributes: SchemaConversionApplicationAttributes │ │ ├SourceDataProviderDescriptors: Array<DataProviderDescriptor> │ │ ├TargetDataProviderDescriptors: Array<DataProviderDescriptor> │ │ └Tags: Array<tag> │ ├ attributes │ │ └MigrationProjectArn: string │ └ types │ ├type SchemaConversionApplicationAttributes │ │├ documentation: The property describes schema conversion application attributes for the migration project. │ ││ name: SchemaConversionApplicationAttributes │ │└ properties │ │ ├S3BucketPath: string │ │ └S3BucketRoleArn: string │ └type DataProviderDescriptor │ ├ documentation: It is an object that describes Source and Target DataProviders and credentials for connecting to databases that are used in MigrationProject │ │ name: DataProviderDescriptor │ └ properties │ ├DataProviderIdentifier: string │ ├DataProviderName: string │ ├DataProviderArn: string │ ├SecretsManagerSecretId: string │ └SecretsManagerAccessRoleArn: string ├[~] service aws-ec2 │ └ resources │ ├[~] resource AWS::EC2::EC2Fleet │ │ └ types │ │ └[~] type InstanceRequirementsRequest │ │ └ properties │ │ ├ AcceleratorManufacturers: (documentation changed) │ │ └ AcceleratorNames: (documentation changed) │ ├[~] resource AWS::EC2::LaunchTemplate │ │ └ types │ │ ├[~] type ConnectionTrackingSpecification │ │ │ ├ - documentation: Allows customer to specify Connection Tracking options │ │ │ │ + documentation: A security group connection tracking specification that enables you to set the idle timeout for connection tracking on an Elastic network interface. For more information, see [Connection tracking timeouts](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-connection-tracking.html#connection-tracking-timeouts) in the *Amazon Elastic Compute Cloud User Guide* . │ │ │ └ properties │ │ │ ├ TcpEstablishedTimeout: (documentation changed) │ │ │ ├ UdpStreamTimeout: (documentation changed) │ │ │ └ UdpTimeout: (documentation changed) │ │ ├[~] type InstanceRequirements │ │ │ └ properties │ │ │ ├ AcceleratorManufacturers: (documentation changed) │ │ │ └ AcceleratorNames: (documentation changed) │ │ └[~] type NetworkInterface │ │ └ properties │ │ ├ ConnectionTrackingSpecification: (documentation changed) │ │ └ EnaSrdSpecification: (documentation changed) │ ├[~] resource AWS::EC2::SpotFleet │ │ └ types │ │ └[~] type InstanceRequirementsRequest │ │ └ properties │ │ ├ AcceleratorManufacturers: (documentation changed) │ │ └ AcceleratorNames: (documentation changed) │ ├[~] resource AWS::EC2::Subnet │ │ └ properties │ │ ├ Ipv4NetmaskLength: (documentation changed) │ │ └ Ipv6NetmaskLength: (documentation changed) │ ├[~] resource AWS::EC2::TransitGateway │ │ └ attributes │ │ └ TransitGatewayArn: (documentation changed) │ └[~] resource AWS::EC2::VerifiedAccessTrustProvider │ └ types │ └[~] type DeviceOptions │ └ properties │ └[+] PublicSigningKeyUrl: string ├[~] service aws-ecs │ └ resources │ └[~] resource AWS::ECS::CapacityProvider │ └ types │ └[~] type AutoScalingGroupProvider │ └ properties │ └[+] ManagedDraining: string ├[~] service aws-efs │ └ resources │ └[~] resource AWS::EFS::AccessPoint │ └ types │ └[~] type RootDirectory │ └ - documentation: Specifies the directory on the Amazon EFS file system that the access point provides access to. The access point exposes the specified file system path as the root directory of your file system to applications using the access point. NFS clients using the access point can only access data in the access point's `RootDirectory` and it's subdirectories. │ + documentation: Specifies the directory on the Amazon EFS file system that the access point provides access to. The access point exposes the specified file system path as the root directory of your file system to applications using the access point. NFS clients using the access point can only access data in the access point's `RootDirectory` and its subdirectories. ├[~] service aws-emr │ └ resources │ └[~] resource AWS::EMR::Studio │ └ properties │ ├[+] EncryptionKeyArn: string (immutable) │ ├[+] IdcInstanceArn: string (immutable) │ ├[+] IdcUserAssignment: string (immutable) │ └[+] TrustedIdentityPropagationEnabled: boolean (immutable) ├[~] service aws-eventschemas │ └ resources │ ├[~] resource AWS::EventSchemas::Discoverer │ │ └ attributes │ │ └ State: (documentation changed) │ └[~] resource AWS::EventSchemas::Registry ├[~] service aws-fis │ └ resources │ ├[~] resource AWS::FIS::ExperimentTemplate │ │ ├ - documentation: Specifies an experiment template. │ │ │ An experiment template includes the following components: │ │ │ - *Targets* : A target can be a specific resource in your AWS environment, or one or more resources that match criteria that you specify, for example, resources that have specific tags. │ │ │ - *Actions* : The actions to carry out on the target. You can specify multiple actions, the duration of each action, and when to start each action during an experiment. │ │ │ - *Stop conditions* : If a stop condition is triggered while an experiment is running, the experiment is automatically stopped. You can define a stop condition as a CloudWatch alarm. │ │ │ For more information, see [Experiment templates](https://docs.aws.amazon.com/fis/latest/userguide/experiment-templates.html) in the *AWS Fault Injection Simulator User Guide* . │ │ │ + documentation: Describes an experiment template. │ │ ├ properties │ │ │ └[+] ExperimentOptions: ExperimentTemplateExperimentOptions │ │ ├ attributes │ │ │ └ Id: (documentation changed) │ │ └ types │ │ ├[~] type ExperimentTemplateAction │ │ │ └ - documentation: Specifies an action for an experiment template. │ │ │ For more information, see [Actions](https://docs.aws.amazon.com/fis/latest/userguide/actions.html) in the *AWS Fault Injection Simulator User Guide* . │ │ │ + documentation: Describes an action for an experiment template. │ │ ├[+] type ExperimentTemplateExperimentOptions │ │ │ ├ documentation: Describes the experiment options for an experiment template. │ │ │ │ name: ExperimentTemplateExperimentOptions │ │ │ └ properties │ │ │ ├AccountTargeting: string │ │ │ └EmptyTargetResolutionMode: string │ │ ├[~] type ExperimentTemplateLogConfiguration │ │ │ ├ - documentation: Specifies the configuration for experiment logging. │ │ │ │ For more information, see [Experiment logging](https://docs.aws.amazon.com/fis/latest/userguide/monitoring-logging.html) in the *AWS Fault Injection Simulator User Guide* . │ │ │ │ + documentation: Describes the configuration for experiment logging. │ │ │ └ properties │ │ │ ├ CloudWatchLogsConfiguration: (documentation changed) │ │ │ └ S3Configuration: (documentation changed) │ │ ├[~] type ExperimentTemplateStopCondition │ │ │ └ - documentation: Specifies a stop condition for an experiment template. │ │ │ For more information, see [Stop conditions](https://docs.aws.amazon.com/fis/latest/userguide/stop-conditions.html) in the *AWS Fault Injection Simulator User Guide* . │ │ │ + documentation: Describes a stop condition for an experiment template. │ │ ├[~] type ExperimentTemplateTarget │ │ │ ├ - documentation: Specifies a target for an experiment. You must specify at least one Amazon Resource Name (ARN) or at least one resource tag. You cannot specify both ARNs and tags. │ │ │ │ For more information, see [Targets](https://docs.aws.amazon.com/fis/latest/userguide/targets.html) in the *AWS Fault Injection Simulator User Guide* . │ │ │ │ + documentation: Describes a target for an experiment template. │ │ │ └ properties │ │ │ └ Parameters: (documentation changed) │ │ └[~] type ExperimentTemplateTargetFilter │ │ └ - documentation: Specifies a filter used for the target resource input in an experiment template. │ │ For more information, see [Resource filters](https://docs.aws.amazon.com/fis/latest/userguide/targets.html#target-filters) in the *AWS Fault Injection Simulator User Guide* . │ │ + documentation: Describes a filter used for the target resources in an experiment template. │ └[+] resource AWS::FIS::TargetAccountConfiguration │ ├ name: TargetAccountConfiguration │ │ cloudFormationType: AWS::FIS::TargetAccountConfiguration │ │ documentation: Creates a target account configuration for the experiment template. A target account configuration is required when `accountTargeting` of `experimentOptions` is set to `multi-account` . For more information, see [experiment options](https://docs.aws.amazon.com/fis/latest/userguide/experiment-options.html) in the *AWS Fault Injection Simulator User Guide* . │ └ properties │ ├ExperimentTemplateId: string (required, immutable) │ ├AccountId: string (required, immutable) │ ├RoleArn: string (required) │ └Description: string ├[~] service aws-internetmonitor │ └ resources │ └[~] resource AWS::InternetMonitor::Monitor │ └ types │ ├[~] type InternetMeasurementsLogDelivery │ │ └ properties │ │ └ S3Config: (documentation changed) │ └[~] type S3Config │ ├ - documentation: The configuration for publishing Amazon CloudWatch Internet Monitor internet measurements to Amazon S3. The configuration includes the bucket name and (optionally) bucket prefix for the S3 bucket to store the measurements, and the delivery status. The delivery status is `ENABLED` if you choose to deliver internet measurements to S3 logs, and `DISABLED` otherwise. │ │ The measurements are also published to Amazon CloudWatch Logs. │ │ + documentation: The configuration for publishing Amazon CloudWatch Internet Monitor internet measurements to Amazon S3. The configuration includes the bucket name and (optionally) prefix for the S3 bucket to store the measurements, and the delivery status. The delivery status is `ENABLED` or `DISABLED` , depending on whether you choose to deliver internet measurements to S3 logs. │ └ properties │ ├ BucketName: (documentation changed) │ ├ BucketPrefix: (documentation changed) │ └ LogDeliveryStatus: (documentation changed) ├[~] service aws-lambda │ └ resources │ └[~] resource AWS::Lambda::Function │ └ properties │ └[-] Policy: json ├[~] service aws-lightsail │ └ resources │ └[~] resource AWS::Lightsail::Database │ └ properties │ └ BackupRetention: (documentation changed) ├[~] service aws-opensearchservice │ └ resources │ └[~] resource AWS::OpenSearchService::Domain │ ├ properties │ │ └[+] IPAddressType: string │ └ attributes │ └[+] DomainEndpointV2: string ├[~] service aws-osis │ └ resources │ └[~] resource AWS::OSIS::Pipeline │ ├ properties │ │ ├[+] BufferOptions: BufferOptions │ │ └[+] EncryptionAtRestOptions: EncryptionAtRestOptions │ └ types │ ├[+] type BufferOptions │ │ ├ documentation: Key-value pairs to configure buffering. │ │ │ name: BufferOptions │ │ └ properties │ │ └PersistentBufferEnabled: boolean (required) │ ├[~] type CloudWatchLogDestination │ │ └ properties │ │ └ LogGroup: - string │ │ + string (required) │ ├[+] type EncryptionAtRestOptions │ │ ├ documentation: Key-value pairs to configure encryption at rest. │ │ │ name: EncryptionAtRestOptions │ │ └ properties │ │ └KmsKeyArn: string (required) │ └[~] type VpcOptions │ └ properties │ └ SubnetIds: - Array<string> │ + Array<string> (required) ├[~] service aws-rds │ └ resources │ ├[~] resource AWS::RDS::DBInstance │ │ └ properties │ │ ├ AllocatedStorage: (documentation changed) │ │ ├ DBName: (documentation changed) │ │ ├ Domain: (documentation changed) │ │ ├ EnableCloudwatchLogsExports: (documentation changed) │ │ ├ Engine: (documentation changed) │ │ ├ EngineVersion: (documentation changed) │ │ ├ Iops: (documentation changed) │ │ ├ LicenseModel: (documentation changed) │ │ ├ MasterUsername: (documentation changed) │ │ ├ MasterUserPassword: (documentation changed) │ │ └ Port: (documentation changed) │ ├[~] resource AWS::RDS::DBParameterGroup │ │ └ properties │ │ └ Parameters: (documentation changed) │ └[~] resource AWS::RDS::DBProxy │ └ properties │ └ EngineFamily: (documentation changed) ├[~] service aws-resiliencehub │ └ resources │ └[~] resource AWS::ResilienceHub::App │ └ types │ └[~] type ResourceMapping │ └ properties │ ├ EksSourceName: (documentation changed) │ ├ LogicalStackName: (documentation changed) │ ├ MappingType: (documentation changed) │ ├ ResourceName: (documentation changed) │ └ TerraformSourceName: (documentation changed) ├[~] service aws-rolesanywhere │ └ resources │ ├[~] resource AWS::RolesAnywhere::Profile │ │ ├ - documentation: Creates a *profile* , a list of the roles that Roles Anywhere service is trusted to assume. You use profiles to intersect permissions with IAM managed policies. │ │ │ *Required permissions:* `rolesanywhere:CreateProfile` . │ │ │ + documentation: Creates a Profile. │ │ └ properties │ │ ├ DurationSeconds: (documentation changed) │ │ ├ Enabled: (documentation changed) │ │ ├ ManagedPolicyArns: (documentation changed) │ │ ├ Name: (documentation changed) │ │ ├ RequireInstanceProperties: (documentation changed) │ │ ├ RoleArns: (documentation changed) │ │ ├ SessionPolicy: (documentation changed) │ │ └ Tags: (documentation changed) │ └[~] resource AWS::RolesAnywhere::TrustAnchor │ ├ - documentation: Creates a trust anchor to establish trust between IAM Roles Anywhere and your certificate authority (CA). You can define a trust anchor as a reference to an AWS Private Certificate Authority ( AWS Private CA ) or by uploading a CA certificate. Your AWS workloads can authenticate with the trust anchor using certificates issued by the CA in exchange for temporary AWS credentials. │ │ *Required permissions:* `rolesanywhere:CreateTrustAnchor` . │ │ + documentation: Creates a TrustAnchor. │ └ types │ ├[~] type Source │ │ ├ - documentation: The trust anchor type and its related certificate data. │ │ │ + documentation: Object representing the TrustAnchor type and its related certificate data. │ │ └ properties │ │ ├ SourceData: (documentation changed) │ │ └ SourceType: (documentation changed) │ └[~] type SourceData │ └ - documentation: The data field of the trust anchor depending on its type. │ + documentation: A union object representing the data field of the TrustAnchor depending on its type ├[~] service aws-s3 │ └ resources │ └[~] resource AWS::S3::Bucket │ └ types │ └[~] type InventoryConfiguration │ └ properties │ ├ OptionalFields: (documentation changed) │ └ ScheduleFrequency: (documentation changed) ├[~] service aws-s3express │ └ resources │ └[~] resource AWS::S3Express::DirectoryBucket │ └ properties │ └ BucketName: (documentation changed) ├[~] service aws-sagemaker │ └ resources │ ├[~] resource AWS::SageMaker::FeatureGroup │ │ └ types │ │ └[~] type OnlineStoreConfig │ │ └ properties │ │ └[+] StorageType: string │ └[~] resource AWS::SageMaker::Model │ └ types │ ├[~] type ContainerDefinition │ │ └ properties │ │ └ ModelDataSource: (documentation changed) │ ├[~] type ModelDataSource │ │ ├ - documentation: undefined │ │ │ + documentation: Specifies the location of ML model data to deploy. If specified, you must specify one and only one of the available data sources. │ │ └ properties │ │ └ S3DataSource: (documentation changed) │ └[~] type S3DataSource │ ├ - documentation: undefined │ │ + documentation: Describes the S3 data source. │ │ Your input bucket must be in the same AWS region as your training job. │ └ properties │ ├ S3DataType: (documentation changed) │ └ S3Uri: (documentation changed) ├[~] service aws-sns │ └ resources │ └[~] resource AWS::SNS::Topic │ ├ properties │ │ └[+] DeliveryStatusLogging: Array<LoggingConfig> │ └ types │ └[+] type LoggingConfig │ ├ name: LoggingConfig │ └ properties │ ├Protocol: string (required) │ ├SuccessFeedbackRoleArn: string │ ├SuccessFeedbackSampleRate: string │ └FailureFeedbackRoleArn: string └[~] service aws-workspacesthinclient └ resources └[~] resource AWS::WorkSpacesThinClient::Environment ├ - documentation: Resource type definition for AWS::WorkSpacesThinClient::Environment. │ + documentation: Describes an environment. ├ properties │ ├ DesktopArn: (documentation changed) │ ├ DesktopEndpoint: (documentation changed) │ ├ MaintenanceWindow: (documentation changed) │ └ Tags: (documentation changed) ├ attributes │ ├ ActivationCode: (documentation changed) │ ├ Arn: (documentation changed) │ ├ CreatedAt: (documentation changed) │ ├ DesktopType: (documentation changed) │ ├ RegisteredDevicesCount: (documentation changed) │ └ UpdatedAt: (documentation changed) └ types └[~] type MaintenanceWindow ├ - documentation: undefined │ + documentation: Describes the maintenance window for a thin client device. └ properties ├ ApplyTimeOf: (documentation changed) ├ DaysOfTheWeek: (documentation changed) ├ EndTimeHour: (documentation changed) ├ EndTimeMinute: (documentation changed) ├ StartTimeHour: (documentation changed) ├ StartTimeMinute: (documentation changed) └ Type: (documentation changed) ```

…ntegration for Bedrock InvokeModel API (#28276) Step Functions recently released an optimized integration for Bedrock InvokeModel API, and these changes add support for adding the Bedrock InvokeModel task to Step Functions state machines. Closes #28268. *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

…on (#28327) Per the [documentation](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-iam-policies.html#manually-tagged-resources): * To use managed policies, pass the user tag `for-use-with-amazon-emr-managed-policies = true` when you provision a cluster with the CLI, SDK, or another method. * For resources that are not created by Amazon EMR, you must add tags to those resources. For example, you must tag Amazon EC2 subnets, EC2 security groups (if not created by Amazon EMR), and VPCs (if you want Amazon EMR to create security groups). Also, `AmazonEMRServicePolicy_v2` only has `iam:PassRole` on the default EMR roles and needs this on the cluster role created by the CDK. Running the step function: <img width="221" alt="Screenshot 2023-12-11 at 5 24 09 AM" src="https://github.com/aws/aws-cdk/assets/3310356/3b3b33c1-bcb8-4836-a1c0-123a8e7186ba"> <img width="661" alt="Screenshot 2023-12-11 at 5 24 03 AM" src="https://github.com/aws/aws-cdk/assets/3310356/c7f4fef9-0bce-42b9-a509-935cfe9a121b"> ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

Here is the result of running the step function deployed by the integration test. The step completed successfully with the IAM role. <img width="1616" alt="emr_runtime_role" src="https://github.com/aws/aws-cdk/assets/3310356/f2605195-196c-4d2b-9621-56974265840a"> Closes #27691. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

…ith tags (#28335) This was an incomplete test. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

Ran npm-check-updates and yarn upgrade to keep the `yarn.lock` file up-to-date.

This PR added support for start and end time of the schedule. ## Description Currently, users cannot set a start time and an end time for the schedule. A schedule without a start date will begin as soon as it is created and available, and without an end date, it will continue to invoke its target indefinitely. With this feature, users can set the start and end dates of a schedule, allowing for more flexible schedule configurations. https://docs.aws.amazon.com/ja_jp/AWSCloudFormation/latest/UserGuide/aws-resource-scheduler-schedule.html#cfn-scheduler-schedule-startdate https://docs.aws.amazon.com/ja_jp/AWSCloudFormation/latest/UserGuide/aws-resource-scheduler-schedule.html#cfn-scheduler-schedule-enddate In CloudFormation, users can use this feature as follows: ```yaml TestSchedule: Type: AWS::Scheduler::Schedule Properties: StartDate: "2024-12-01T13:09:00.000Z" EndDate: "2025-12-01T00:00:00.001Z" ScheduleExpression: "at(2023-01-01T00:00:00)" State: "ENABLED" Target: # target ``` ## Major changes ### add property to ScheduleProps interface Added startDate and endDate properties, and typed these values as string based on the following PR comments. #26819 (comment) It is not necessary to specify both startDate and endDate, they can be set independently. Validation is performed on the following points. - Error if not following ISO 8601 format. - Must include milliseconds (yyyy-MM-ddTHH:mm:ss.SSSZ) - Error if startDate is later than endDate If a time before the current time is specified, the following error occurs in CFn, but no validation is performed because the timing of validation in CDK and the timing of actual deployment are different. `The StartDate you specify cannot be earlier than 5 minutes ago.` ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

….32 (#28345) This PR supports RDS for MariaDB 10.11.6, 10.6.16, 10.5.23 and 10.4.32. https://aws.amazon.com/jp/about-aws/whats-new/2023/12/amazon-rds-mariadb-minors-10-11-6-10-6-16-10-5-23-10-4-32/ ```sh ❯ aws rds describe-db-engine-versions --engine mariadb --query "DBEngineVersions[?EngineVersion=='10.11.6'||EngineVersion=='10.6.16'||EngineVersion=='10.5.23'||EngineVersion=='10.4.32'].[DBEngineVersionDescription,EngineVersion,DBParameterGroupFamily,MajorEngineVersion,Status]" [ [ "MariaDB 10.4.32", "10.4.32", "mariadb10.4", "10.4", "available" ], [ "MariaDB 10.5.23", "10.5.23", "mariadb10.5", "10.5", "available" ], [ "MariaDB 10.6.16", "10.6.16", "mariadb10.6", "10.6", "available" ], [ "MariaDB 10.11.6", "10.11.6", "mariadb10.11", "10.11", "available" ] ] ``` ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

…u 22.04 (#28346) This PR supports new image ids for Amazon Linux 2023 and Ubuntu 22.04. As for Amazon Linux 2023, it is not yet in the documentation or release notes, but I tried it in CloudFormation with success, so I added it. We can also check it from the Cloud9 console. If we should still wait, I will remove it. ![cloud9-al-2023](https://github.com/aws/aws-cdk/assets/24818752/ac253baa-fa2e-4275-b77e-f6fb9d7647e7) And I added `@deprecated` to the Ubuntu 18.04, see: > Since Ubuntu 18.04 has ended standard support as of May 31, 2023, we recommend you choose Ubuntu 22.04. https://docs.aws.amazon.com/ja_jp/AWSCloudFormation/latest/UserGuide/aws-resource-cloud9-environmentec2.html#cfn-cloud9-environmentec2-imageid ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

aws-cdk-automation · 2023-12-14T11:15:48Z

AWS CodeBuild CI Report

CodeBuild project: AutoBuildv2Project1C6BFA3F-wQm2hXv2jqQv
Commit ID: 734ef9f
Result: SUCCEEDED
Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

mergify · 2023-12-14T11:16:05Z

Thank you for contributing! Your pull request will be automatically updated and merged without squashing (do not update manually, and be sure to allow changes to be pushed to your fork).

paulhcsun and others added 30 commits December 5, 2023 10:15

chore: Add author paulhcs to .mergify.yml

a6c4903

Merge branch 'main' into add-paulhcs-to-mergify-core-permissions

7cc08c2

add paulhcs to merit

8ba09f9

change alias to github username

7c9b08e

chore: add author paulhcs to .mergify.yml and merit badger (#28260)

89f9803

Adding new author to .mergify.yml and .github-merit-badger.yml as per contribution guidelines. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

Merge branch 'main' into merge-back/2.114.0

470f229

chore(merge-back): 2.114.0 (#28267)

3f9165d

See [CHANGELOG](https://github.com/aws/aws-cdk/blob/merge-back/2.114.0/CHANGELOG.md)

Merge branch 'main' into merge-back/2.114.1

3688926

chore(merge-back): 2.114.1 (#28273)

2d9de18

See [CHANGELOG](https://github.com/aws/aws-cdk/blob/merge-back/2.114.1/CHANGELOG.md)

chore: restrict @aws-sdk/* updates (#28277)

9dab99a

We should fix our sdk v3 version and not update it frequently.

chore: npm-check-updates && yarn upgrade (#28280)

8f60e94

Ran npm-check-updates and yarn upgrade to keep the `yarn.lock` file up-to-date.

chore(gamelift): fix some horrible formatting errors (#28296)

020bf18

Truly ugly errors that weren't even consistent, just consistently off. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

feat(eks): support Bottlerocket Nvidia AMIs (#28287)

6aa1b1b

Adds support for `BOTTLEROCKET_ARM_64_NVIDIA` and `BOTTLEROCKET_x86_64_NVIDIA` AMI types. Closes #28241. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

feat(ROADMAP): updates to public roadmap 🚀 (#28302)

fe30921

update to public roadmap ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

MrArnoldPalmer and others added 12 commits December 11, 2023 14:57

chore(stepfunctions-tasks): update integ test to deploy emr cluster w…

f128851

…ith tags (#28335) This was an incomplete test. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

chore: npm-check-updates && yarn upgrade (#28351)

db22b85

Ran npm-check-updates and yarn upgrade to keep the `yarn.lock` file up-to-date.

chore(release): 2.115.0

734ef9f

aws-cdk-automation added auto-approve pr/no-squash This PR should be merged instead of squash-merging it labels Dec 14, 2023

github-actions bot added the p2 label Dec 14, 2023

aws-cdk-automation requested a review from a team December 14, 2023 10:50

github-actions bot approved these changes Dec 14, 2023

View reviewed changes

aws-cdk-automation had a problem deploying to test-pipeline December 14, 2023 10:51 — with GitHub Actions Failure

rix0rrr approved these changes Dec 14, 2023

View reviewed changes

mergify bot merged commit 58027ee into v2-release Dec 14, 2023
29 of 30 checks passed

mergify bot deleted the bump/2.115.0 branch December 14, 2023 11:16

github-actions bot mentioned this pull request Jan 1, 2024

Monthly PR metrics report - Dec 2023 #28544

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(release): 2.115.0 #28362

chore(release): 2.115.0 #28362

aws-cdk-automation commented Dec 14, 2023 •

edited

Loading

aws-cdk-automation commented Dec 14, 2023

mergify bot commented Dec 14, 2023

chore(release): 2.115.0 #28362

chore(release): 2.115.0 #28362

Conversation

aws-cdk-automation commented Dec 14, 2023 • edited Loading

aws-cdk-automation commented Dec 14, 2023

AWS CodeBuild CI Report

mergify bot commented Dec 14, 2023

aws-cdk-automation commented Dec 14, 2023 •

edited

Loading