v2.234.0

Compare Source

⚠ BREAKING CHANGES

• batch: unfortunately JobQueue exposes public readonly computeEnvironments: OrderedComputeEnvironment[]. The computeEnvironment member of that structure now fewer guarantees, and needs casting. This should not have been exposed, and we assume the use of the exposed property here is rare.
• backup: unfortunately BackupPlanRule exposes public readonly props: BackupPlanRuleProps. The backupVault member of that structure now guarantees less, and needs casting. This should never have been exposed, and we assume the use of the exposed property here is rare.
• ** L1 resources are automatically generated from public CloudFormation Resource Schemas. They are built to closely reflect the real state of CloudFormation. Sometimes these updates can contain changes that are incompatible with previous types, but more accurately reflect reality. In this release we have changed:

aws-securityhub: AWS::SecurityHub::ConnectorV2: Provider.JiraCloud.AuthStatus attribute removed.
aws-securityhub: AWS::SecurityHub::ConnectorV2: Provider.JiraCloud.AuthUrl attribute removed.
aws-securityhub: AWS::SecurityHub::ConnectorV2: Provider.JiraCloud.CloudId attribute removed.
aws-securityhub: AWS::SecurityHub::ConnectorV2: Provider.JiraCloud.Domain attribute removed.
aws-securityhub: AWS::SecurityHub::ConnectorV2: Provider.ServiceNow.AuthStatus attribute removed.
aws-securityhub: AWS::SecurityHub::ConnectorV2: JiraCloud type removed, replaced by JiraCloudProviderConfiguration.
aws-securityhub: AWS::SecurityHub::ConnectorV2: ServiceNow type removed, replaced by ServiceNowProviderConfiguration.
aws-ssm: AWS::SSM::MaintenanceWindowTarget: Id attribute removed.

Features

• ecs: automatically create ec2InstanceProfile for ManagedInstancesCapacityProvider (#​35796) (9218ea8)
• rds: add name property to option group (#​36319) (708d0ac), closes #​35720
• stepfunctions-tasks: allow EcsRunTask on fargate and ec2 to set capacity provider strategy (#​35465) (63ca2ae), closes #​20013 #​30171 #​7967
• synthetics: add puppeteer 12.0/13.0 runtime (#​36562) (5b74dd4), closes #​36501

Bug Fixes

• cloudwatch: skip MathExpression validation when prop is a token (#​36487) (2845d47)
• core: App.of() returns incorrect values (#​36475) (78034d3)
• core: arnForXxxx() helpers ignore environments from referenced resources (#​36599) (4744c59)
• core: account for { Ref } incompatibility between schema and CFN (#​36493) (3b06942)
• ec2: add proper handling for VPC endpoint service name prefix eu.amazonaws for new region eusc-de-east-1 for ECR & API Gateway services (#​36471) (d5561e0)
• lambda: add token resolution validation to capacity providers (#​36275) (c5fbd97)

Miscellaneous Chores

• backup: reference interfaces (#​36415) (4418612)
• batch: reference interfaces (#​36522) (fefc7be)

Alpha modules (2.234.0-alpha.0)

Features

• msk-alpha: support express broker for Kafka v3.9 (#​36450) (afcc953)

Bug Fixes

• elasticache-alpha: deployment fails when serverlessCacheName or userGroupId is not specified (#​36459) (b3f62f7), closes #​36458
• elasticache-alpha: security group for ServerlessCache does not use default endpoint port (#​35738) (79d91ad)

v2.233.0

Compare Source

⚠ BREAKING CHANGES

CHANGES TO L1 RESOURCES: L1 resources are automatically generated from public CloudFormation Resource Schemas. They are built to closely reflect the real state of CloudFormation. Sometimes these updates can contain changes that are incompatible with previous types, but more accurately reflect reality. In this release we have changed:

aws-ec2: AWS::EC2::EC2Fleet: DefaultTargetCapacityType property is now immutable.
aws-ec2: AWS::EC2::EC2Fleet: TargetCapacityUnitType property is now immutable.

Features

• update L1 CloudFormation resource definitions (#​36390) (a6077a2)
• events-targets: support messageGroupId for standard SQS queues (#​36068) (95d4ed5)
• update L1 CloudFormation resource definitions (#​36367) (e551afe)
• codebuild: add support for macOS 15 runners (#​35836) (1b8b4e3)
• route53-patterns: HttpsRedirect use Distribution as the default CloudFront distribution (under feature flag) (#​34312) (e2987eb), closes #​31546
• update L1 CloudFormation resource definitions (#​36326) (cb82627)
• ec2: add Interface VPC Endpoints for ACM and ACM-PCA (#​35890) (06e6b25)
• route53: support failover routing policy for record sets (#​35909) (9395467), closes #​35910

Bug Fixes

• aws-cdk-lib: make grants factory methods public (#​36317) (7dde625)
• ci: checkout the pr head instead of the default main head (#​36311) (a1cbcf9), closes /github.com/aws/aws-cdk/blob/main/.github/workflows/integration-test-deployment.yml#L39C11-L39C57
• cloudtrail: do not attach s3 bucket permission when orgId is not set for organization trail (#​30778) (61ee074), closes #​30490
• custom-resources: waiter state machine retry fails with ExecutionAlreadyExists (#​35988) (36ea606), closes #​35957
• ecs: removal of canContainersAccessInstanceRole instance role (#​36362) (7395b41)
• pipelines: propagate CodeBuild fleet and certificate (#​35673) (71cfd60), closes #​35664
• region-info: standalone use of @aws-cdk/region-info throws an Cannot find module 'aws-cdk-lib/core/lib/errors' error (#​36414) (01c7d2e), closes #​36399
• ci fix for spec updater workflow (#​36364) (a0b42cc)
• re-export of ResourceEnvironment is not an alias (#​36370) (ba8e194)

Alpha modules (2.233.0-alpha.0)

⚠ BREAKING CHANGES

• bedrock-agentcore-alpha: Runtime constructs will no longer automatically include lifecycleConfiguration with default values when not explicitly specified by users.
• elasticache-alpha: The engine property in NoPasswordUserProps has been removed.

Bug Fixes

• bedrock-agentcore-alpha: runtime construct incorrectly forces default lifecycleConfiguration values (#​36379) (7954354), closes #​36376
• elasticache-alpha: the default engine for NoPasswordUser contradict in the docs (#​35920) (495fa37), closes #​35847
• mixins-preview: improving delivery source and delivery destination creation (#​36314) (86092ab)