chore(release): 2.112.0 #28216
Closed
chore(release): 2.112.0 #28216
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Adding new author to .mergify.yml and .github-merit-badger.yml as per contribution guidelines. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…8027) Because of IPAM allocation, we can't know the parent CIDR at synth time, so we cannot calculate the CIDR split at synth time either. This forces us to rely on the `{ Fn::Cidr }` function provided by CloudFormation. For resource consumption reasons, this function is limited to splitting any range into at most 256 subranges, which means the IPAM allocated VPC cannot split into more subranges either. This PR adds a recursive split feature: if we need to split an CIDR range more than 256 times, we will do multiple splits: ```ts Fn.select(300, Fn.cidr(range, 4096, 4)) // <-- illegal // == Fn.select(44, Fn.cidr(Fn.select(1, Fn.cidr(range, 4, 12)), 256, 4)) ``` Fixes #25537. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Ran npm-check-updates and yarn upgrade to keep the `yarn.lock` file up-to-date.
…ment variables (#28048) ### Changes - added `AWS_DEFAULT_REGION` to `reservedEnvironmentVariables` - unit tests were not added because there is only one existing test case written. - https://github.com/aws/aws-cdk/blob/91a3e8c0fb0b6e91d45146c44c234151c59b3476/packages/aws-cdk-lib/aws-lambda/test/function.test.ts#L3426 ### Description The Function constructor checks that reserved environment variables are not specified when adding environment variables. However, when I mistakenly specified `AWS_DEFAULT_REGION` as an environment variable, `cdk synth` did not generate an error. The following document contains the list of reserved environment variables. https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html#configuration-envvars-runtime Cloudformation gives the following error. `Resource handler returned message: "Lambda was unable to configure your environment variables because the environment variables you have provided contains reserved keys that are currently not supported for modification. Reserved keys used in this request: AWS_DEFAULT_REGION` ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Reduces runtime of `awslint` against `aws-cdk-lib` from ~70s down to ~15s. Speed up 1: Reduce rule definitions (~1s) Speed up 2: Make core checks fqn based only (~5s) Speed up 3: Optimize code paths to defer expensive checks (~4s) Speed up 4: Locked typesystem (~25s) Speed up 5: Faster camel casing (~15s)  ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
This PR moves the eval-nodejs handler from aws-cdk-lib to our new centralized location for custom resource handlers in the [@aws-cdk](https://github.com/aws-cdk) package. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
This PR moves the log retention handler from aws-cdk-lib to our new centralized location for custom resource handlers in the @aws-cdk package. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
This PR moves the oidc handler from aws-cdk-lib to our new centralized location for custom resource handlers in the [@aws-cdk](https://github.com/aws-cdk) package. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Minimum required version enforced by jsii-pacmak. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Makes our diagram editable now that it is mermaid. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…27898) This PR moves the dns validated certificate handler from aws-cdk-lib to our new centralized location for custom resource handlers in the [@aws-cdk](https://github.com/aws-cdk) package. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…28068) We switched the images used to build PRs to `jsii/superchain:bullseye-slim-node18` which comes with Node.js 18 instead of Node.js 16. This Node.js upgrade also includes an upgraded version of npm, and in recent npm versions, the unsef-perm option is not required anymore. This change simply removes the now redundant command. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
We switched the images used to run our main build to jsii/superchain:bullseye-slim-node18 which comes with Node.js 18 instead of Node.js 16. This Node.js upgrade also includes an upgraded version of npm, and in recent npm versions, the unsef-perm option is not required anymore. This change simply removes the now redundant command. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
AWS Service Spec packages to latest versions.
Some folks are still stuck on node14. Replacing `.at()` with conventional array access to make it easier for them. In this particular instance there's really no benefit to the code using it. But seriously, y'all should upgrade to a current, supported version like Node.js 18. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…ions do not get configured (#27861) Closes #18965 `HTTPLambdaIntegration` using imported lambda functions are currently not being configured. This is due to the fact that the `canCreatePermissions` property is set to false in imported lambdas, so the lambda permissions are never created. This PR fixes this issue by: - Setting the `sameEnvironment` property to `true` for lambdas imported using `fromFunctionName()` - Adding clarification in documentation about imported lambdas needing to belong to the same stack account and region as that of the lambda being imported from be able to add permissions - Adding a new warning to be thrown when the `addPermissions()` function is called on a lambda with `canCreatePermissions` set to false. The new integ test file tests that imported lambdas using `fromFunctionName()` and `fromFunctionAttributes()` (with `sameEnvironment` set to `true`) work as expected, including on sub-route integrations. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
This PR moves the delete existing record set handler from aws-cdk-lib to our new centralized location for custom resource handlers in the [@aws-cdk](https://github.com/aws-cdk) package. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…e logging (#28057) Our current logging statement for s3 bucket deployments is inconsistent. This PR updates the logging statement to ensure consistent one-line logging. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
This PR moves the ec2 restrict default security group handler from `aws-cdk-lib` to our new centralized location for custom resource handlers in the `@aws-cdk` package. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
When using `WINDOWS_SERVER_2019_CONTAINER`, only MEDIUM and LARGE computeType is supported. https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html However, currently only ComputeType `SMALL` is validated. This PR modified to generate an error when ComputeType is specified as X2_LARGE in WindowsBuildImage. ```ts new codebuild.Project(this, 'CodeBuildCdk', { source: codebuild.Source.codeCommit({ repository: codecommit.Repository.fromRepositoryName(this, "Repo", "sample") }), environment: { computeType: codebuild.ComputeType.X2_LARGE, // generate error in synth stage buildImage: codebuild.WindowsBuildImage.WINDOWS_BASE_2_0 } }); ``` ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
This PR moves the dynamodb replica handler from `aws-cdk-lib` to our new centralized location for custom resource handlers in the `@aws-cdk` package. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…ion integ test (#28181) This PR adds directions that can be used when running the cross account zone delegation integ test. The directions are the exact same as what is provided for running the [cross account assume role integ test](https://github.com/aws/aws-cdk/blob/20bfa721525d290f453b17ad4bc91b7fb8922635/packages/%40aws-cdk-testing/framework-integ/test/custom-resources/test/aws-custom-resource/integ.cross-account-assumeRole.ts#L7-L29). ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Closes #27459 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
It is more or less frustrating that we have to check if a variable is undefined or not before calling the `CfnResource.isCfnResource` method. For example,
```ts
const bucket1 = new Bucket(stack, 'Bucket1');
const bucket1Resource = bucket1.node.defaultChild;
if (bucket1Resource !== undefined && // Currently we need this!
cdk.CfnResource.isCfnResource(bucket1Resource)
) {
bucket1Resource.addDependency(...);
}
```
With this PR, `isCfnResource` now accepts `any` type as input and performs the necessary validations inside.
```ts
const bucket1 = new Bucket(stack, 'Bucket1');
const bucket1Resource = bucket1.node.defaultChild;
if (cdk.CfnResource.isCfnResource(bucket1Resource)) { // much smoother
bucket1Resource.addDependency(...);
}
```
Actually, other `isXxx` methods have consistent signatures like the one below:
```ts
public static isStack(x: any): x is Stack
public static isReference(x: any): x is Reference
public static isCfnElement(x: any): x is CfnElement
// and more...
```
This change also makes the `isCfnResource` consistent with these signatures.
Note that this is not a breaking change, because the input constraint is relaxed, not tightened, so all the old code will work without change.
----
*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Tiny PR to remove duplicate `create`.
This PR moves the cross account zone handler from aws-cdk-lib to our new centralized location for custom resource handlers in the [@aws-cdk](https://github.com/aws-cdk) package. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Improve docstrings to explain that parameter objectsKeyPattern of type any should take in string inputs. Unable to directly change the parameter type because of backwards compatibility concerns (mentioned in #27486 we are improving documentation as an alternative solution. Closes #27481. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
An eventBridgePutEvents target was implemented similar to the already existing LambdaInvoke/StepFunctionStartExecution target. I needed to change some properties and methods from Target.ts from private to protected so that the logic could be reused (hope that is ok). Some design choices to outline (let me know if you disagree or have improvements I could take :) ): 1. PutEvents would accept multiple Entries (eg. an array), but I decided to support just one single event, because how Target is currently designed (to support only one target arn). It also aligns with the templated integration in the aws management console. 2. It throws an error in the constructor if the base prop `input` is used. All the props should be delivered by the new `EventBridgePutEventsEntry`. It felt not right for the developer experience to split the object (detail to `input` and `source`, `detailType` to `EventBridgePutEventsEntry` ). Closes #27454. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
We are excited to graduate the `@aws-cdk/aws-apigatewayv2-alpha`, `@aws-cdk/aws-apigatewayv2-authorizers-alpha`, and `@aws-cdk/aws-apigatewayv2-integrations-alpha` modules to STABLE. They now live on as: - `aws-cdk-lib/aws-apigatewayv2` - `aws-cdk-lib/aws-apigatewayv2-authorizers` - `aws-cdk-lib/aws-apigatewayv2-integrations` **Deprecated properties removed**: - `httpApiId` has been removed in `aws-apigatewayv2`. Use `apiId` instead. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…28185) The hotswappable resource detectors failed to correctly identify `AWS::IAM::Policy` resources as not-hotswappable. When `--hotswap-fallback` was used and the only change to the stack was with `AWS::IAM::Policy`, this caused the deploy command to first report IAM changes, and then report `no changes` on the stack. <img width="1076" alt="image" src="https://github.com/aws/aws-cdk/assets/379814/d77320bc-fc8d-4b70-b710-2c28467d07e5"> ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…e_modules/@aws-cdk/integ-runner/lib/workers/db.json.gz'" (#28199) After #27813 the `deploy` action was broken with the above error. This is effectively the same as #27983 . To ensure these kind of issues are not slipping through again, the PR is adding a basic testing harness for `cli-lib` to `@aws-cdk-testing/cli-integtests`. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…27850) This PR adds InspectorStartAssessmentRun Target for EventBridge Scheduler. In [the issue](#27453), the `inspector.CfnAssessmentTarget` is used in the `InspectorStartAssessmentRun`. But it should be a `CfnAssessmentTemplate` so I fixed. ```ts export class InspectorStartAssessmentRun extends ScheduleTargetBase implements IScheduleTarget { constructor( private readonly target: inspector.CfnAssessmentTarget, // <- here private readonly props: ScheduleTargetBaseProps, ) { ``` Closes #27453. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Closes #28190. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Automated changes by [create-pull-request](https://github.com/peter-evans/create-pull-request) GitHub action
aws-cdk-automation
added
auto-approve
pr/no-squash
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
aws-cdk-automation
had a problem deploying
to
test-pipeline
GitHub Actions
Failure
mrgrain
had a problem deploying
to
test-pipeline
GitHub Actions
Failure
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
See CHANGELOG