Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(release): 2.138.0 #29892

Merged
merged 42 commits into from
Apr 18, 2024
Merged

chore(release): 2.138.0 #29892

merged 42 commits into from
Apr 18, 2024

Commits on Apr 10, 2024

  1. feat(AppSync): addRdsDataSource support for DatabaseCluster (#29544)

    ### Issue # (if applicable)
    
    (aws-appsync): addRdsDataSource doesnt support taking a DatabaseCluster 
    
    Closes #29302
    
    ### Reason for this change
    
    AppSync CDK construct currently accept only IServerlessCluster for RDS source as cluster type. However, with Aurora V2, serverless aurora clusters such as postgres aurora v14 and above are construct using the DatabaseCluster construct and as such AppSync.addRdsDataSource() method need ability to support both type of cluster interfaces.
    
    ### Description of changes
    
    To support the change I created a second props to support IDatabaseCluster in addition to IServerlessCluster already supported and I overloaded the constructor to support both type of props.
    
    However, to make the change possible, some modification to aws-rds were also required:
    
    1 - Need IDatabaseCluster interface to have grantDataApiAccess() method published as part of the interface (the method was there but not published in the interface, when IServerlessCLuster interface have it published. 
    
    2 - need DatabaseCluster.grantDataApiAccess() to follow the same IAM permission pattern than ServerlessCluster.grantDataApiAccess() to have consistency. 
    
    ServerlessCluster.grantDataApiAccess() method is adding automatically the required permission to secret manager if Data API is enabled. 
    
    However, DatabaseCluster.grantDataApiAccess() do not. As such without the change it will have been required for end users to add that IAM permission to secret manager as an extra line when they will have assigned a serverless V2 cluster to AppSync datasource. 
    
    To keep the experience unified across the 2 type of RDS clusters, i updated the method to have that IAM permission embedded.
    
    ### Description of how you validated changes
    
    - Unit test created for the new feature
    - Unit test updated and validated for RDS changes
    - Integration test created for the new feature
    
    I run all unit test and the integration test successfully.
    
    
    ### Checklist
    - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)
    
    ----
    
    *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
    sebastien6 authored Apr 10, 2024
    Configuration menu
    Copy the full SHA
    1894f2d View commit details
    Browse the repository at this point in the history
  2. chore: npm-check-updates && yarn upgrade (#29703)

    Ran npm-check-updates and yarn upgrade to keep the `yarn.lock` file up-to-date.
    aws-cdk-automation authored Apr 10, 2024
    Configuration menu
    Copy the full SHA
    0906049 View commit details
    Browse the repository at this point in the history

Commits on Apr 11, 2024

  1. chore(ec2): NatInstanceProviderV2 security group example (#29769)

    ### Issue # (if applicable)
    
    Closes #27527
    
    ### Reason for this change
    
    The current `NatInstanceProviderV2.securityGroup` property is unusable, given the dependency loop between the construct props (`NatInstanceProviderV2` > `VPC` > `SecurityGroup` > `NatInstanceProviderV2`).
    When creating the integration for #29729, adding a getter for the instances generated by the provider to update the instance role was required to test the `userData` overload. This solution also allows to bypass the circular dependency describe above, given that both the VPC and the instances are generated once the VPC is created with the `natGatewayProvider`.
    
    ### Description of changes
    
    * Deprecate `NatInstanceProviderV2.securityGroup`
      * Add `@example` tag to demo `NatInstanceProviderV2.gatewayInstances`
    * Update `README` to demo setting the security group
    * Update integ to test the demo
    
    ### Description of how you validated changes
    
    Updated integration test
    
    ### Checklist
    - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)
    
    ----
    
    *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
    nmussy authored Apr 11, 2024
    Configuration menu
    Copy the full SHA
    ea98d13 View commit details
    Browse the repository at this point in the history
  2. Configuration menu
    Copy the full SHA
    3c00fb3 View commit details
    Browse the repository at this point in the history
  3. Configuration menu
    Copy the full SHA
    3d3c742 View commit details
    Browse the repository at this point in the history
  4. chore: add packages for cli integ testing (#29790)

    The packages added below also impact the CLI and should be run through that test pipeline.
    
    ### Checklist
    - [ ] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)
    
    ----
    
    *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
    TheRealAmazonKendra authored Apr 11, 2024
    Configuration menu
    Copy the full SHA
    73f281c View commit details
    Browse the repository at this point in the history
  5. chore(step-function-tasks): add comment that aws-sdk integration pa…

    …ttern is not impacted by sdk upgrade (#29795)
    
    ### Reason for this change
    
    For upgrading sdkv2 to sdkv3, I have confirmed that the [pattern](https://docs.aws.amazon.com/step-functions/latest/dg/supported-services-awssdk.html) used by step function task is not impacted by the migration and will remain the same. 
    
    Adding a comment to add historical context for anyone revisiting this package for another sdk upgrade.
    
    ### Description of changes
    
    Just added comments. No code changes.
    
    ### Description of how you validated changes
    
    No tests added for comments
    
    ### Checklist
    - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)
    
    ----
    
    *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
    vinayak-kukreja authored Apr 11, 2024
    Configuration menu
    Copy the full SHA
    b0e0353 View commit details
    Browse the repository at this point in the history
  6. fix(stepfunctions): the catch field in CustomState is not rendered (#…

    …29654)
    
    ### Issue # (if applicable)
    
    N/A
    
    ### Reason for this change
    
    Customers that specify `Catch` fields in their CustomState's `stateJson` do not have Catchers defined in the rendered state definition. The reason for this is that the `Catch` fields from the `stateJson` is overridden by Catchers added through `addCatch()`.
    
    ### Description of changes
    
    This change updates the way the state's `Catch` field is rendered to merge Catchers provided inline with those provided through `addCatch()`. Catchers from `addCatch()` will be rendered first, followed by those provided inline. This is consistent with the merge behaviour for Retriers. 
    
    ### Description of how you validated changes
    
    Unit test coverage for Catchers provided just inline, just through `addCatch()`, and a combination of both. 
    
    ### Checklist
    - [X] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)
    
    ----
    
    *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
    jormello authored Apr 11, 2024
    Configuration menu
    Copy the full SHA
    77e9fc6 View commit details
    Browse the repository at this point in the history
  7. chore(deps): bump idna from 2.10 to 3.7 in /packages/@aws-cdk/aws-lam…

    …bda-python-alpha/test/lambda-handler-project/lambda (#29803)
    
    Bumps [idna](https://github.com/kjd/idna) from 2.10 to 3.7.
    <details>
    <summary>Release notes</summary>
    <p><em>Sourced from <a href="https://github.com/kjd/idna/releases">idna's releases</a>.</em></p>
    <blockquote>
    <h2>v3.7</h2>
    <h2>What's Changed</h2>
    <ul>
    <li>Fix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]</li>
    </ul>
    <p>Thanks to Guido Vranken for reporting the issue.</p>
    <p><strong>Full Changelog</strong>: <a href="https://github.com/kjd/idna/compare/v3.6...v3.7">https://github.com/kjd/idna/compare/v3.6...v3.7</a></p>
    </blockquote>
    </details>
    <details>
    <summary>Changelog</summary>
    <p><em>Sourced from <a href="https://github.com/kjd/idna/blob/master/HISTORY.rst">idna's changelog</a>.</em></p>
    <blockquote>
    <p>3.7 (2024-04-11)
    ++++++++++++++++</p>
    <ul>
    <li>Fix issue where specially crafted inputs to encode() could
    take exceptionally long amount of time to process. [CVE-2024-3651]</li>
    </ul>
    <p>Thanks to Guido Vranken for reporting the issue.</p>
    <p>3.6 (2023-11-25)
    ++++++++++++++++</p>
    <ul>
    <li>Fix regression to include tests in source distribution.</li>
    </ul>
    <p>3.5 (2023-11-24)
    ++++++++++++++++</p>
    <ul>
    <li>Update to Unicode 15.1.0</li>
    <li>String codec name is now &quot;idna2008&quot; as overriding the system codec
    &quot;idna&quot; was not working.</li>
    <li>Fix typing error for codec encoding</li>
    <li>&quot;setup.cfg&quot; has been added for this release due to some downstream
    lack of adherence to PEP 517. Should be removed in a future release
    so please prepare accordingly.</li>
    <li>Removed reliance on a symlink for the &quot;idna-data&quot; tool to comport
    with PEP 517 and the Python Packaging User Guide for sdist archives.</li>
    <li>Added security reporting protocol for project</li>
    </ul>
    <p>Thanks Jon Ribbens, Diogo Teles Sant'Anna, Wu Tingfeng for contributions
    to this release.</p>
    <p>3.4 (2022-09-14)
    ++++++++++++++++</p>
    <ul>
    <li>Update to Unicode 15.0.0</li>
    <li>Migrate to pyproject.toml for build information (PEP 621)</li>
    <li>Correct another instance where generic exception was raised instead of
    IDNAError for malformed input</li>
    <li>Source distribution uses zeroized file ownership for improved
    reproducibility</li>
    </ul>
    <p>Thanks to Seth Michael Larson for contributions to this release.</p>
    <p>3.3 (2021-10-13)
    ++++++++++++++++</p>
    <ul>
    <li>Update to Unicode 14.0.0</li>
    <li>Update to in-line type annotations</li>
    <li>Throw IDNAError exception correctly for some malformed input</li>
    <li>Advertise support for Python 3.10</li>
    <li>Improve testing regime on Github</li>
    </ul>
    
    </blockquote>
    <p>... (truncated)</p>
    </details>
    <details>
    <summary>Commits</summary>
    <ul>
    <li><a href="https://github.com/kjd/idna/commit/1d365e17e10d72d0b7876316fc7b9ca0eebdd38d"><code>1d365e1</code></a> Release v3.7</li>
    <li><a href="https://github.com/kjd/idna/commit/c1b3154939907fab67c5754346afaebe165ce8e6"><code>c1b3154</code></a> Merge pull request <a href="https://github.com/kjd/idna/issues/172">#172</a> from kjd/optimize-contextj</li>
    <li><a href="https://github.com/kjd/idna/commit/0394ec76ff022813e770ba1fd89658790ea35623"><code>0394ec7</code></a> Merge branch 'master' into optimize-contextj</li>
    <li><a href="https://github.com/kjd/idna/commit/cd58a23173d2b0a40b95ee680baf3e59e8d33966"><code>cd58a23</code></a> Merge pull request <a href="https://github.com/kjd/idna/issues/152">#152</a> from elliotwutingfeng/dev</li>
    <li><a href="https://github.com/kjd/idna/commit/5beb28b9dd77912c0dd656d8b0fdba3eb80222e7"><code>5beb28b</code></a> More efficient resolution of joiner contexts</li>
    <li><a href="https://github.com/kjd/idna/commit/1b121483ed04d9576a1291758f537e1318cddc8b"><code>1b12148</code></a> Update ossf/scorecard-action to v2.3.1</li>
    <li><a href="https://github.com/kjd/idna/commit/d516b874c3388047934938a500c7488d52c4e067"><code>d516b87</code></a> Update Github actions/checkout to v4</li>
    <li><a href="https://github.com/kjd/idna/commit/c095c75943413c75ebf8ac74179757031b7f80b7"><code>c095c75</code></a> Merge branch 'master' into dev</li>
    <li><a href="https://github.com/kjd/idna/commit/60a0a4cb61ec6834d74306bd8a1fa46daac94c98"><code>60a0a4c</code></a> Fix typo in GitHub Actions workflow key</li>
    <li><a href="https://github.com/kjd/idna/commit/5918a0ef8034379c2e409ae93ee11d24295bb201"><code>5918a0e</code></a> Merge branch 'master' into dev</li>
    <li>Additional commits viewable in <a href="https://github.com/kjd/idna/compare/v2.10...v3.7">compare view</a></li>
    </ul>
    </details>
    <br />
    
    
    [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=idna&package-manager=pip&previous-version=2.10&new-version=3.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
    
    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
    
    [//]: # (dependabot-automerge-start)
    [//]: # (dependabot-automerge-end)
    
    ---
    
    <details>
    <summary>Dependabot commands and options</summary>
    <br />
    
    You can trigger Dependabot actions by commenting on this PR:
    - `@dependabot rebase` will rebase this PR
    - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
    - `@dependabot merge` will merge this PR after your CI passes on it
    - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
    - `@dependabot cancel merge` will cancel a previously requested merge and block automerging
    - `@dependabot reopen` will reopen this PR if it is closed
    - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
    - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/aws/aws-cdk/network/alerts).
    
    </details>
    dependabot[bot] authored Apr 11, 2024
    Configuration menu
    Copy the full SHA
    931cd78 View commit details
    Browse the repository at this point in the history
  8. chore(deps): bump idna from 2.10 to 3.7 in /packages/@aws-cdk/aws-lam…

    …bda-python-alpha/test/lambda-handler (#29804)
    
    Bumps [idna](https://github.com/kjd/idna) from 2.10 to 3.7.
    <details>
    <summary>Release notes</summary>
    <p><em>Sourced from <a href="https://github.com/kjd/idna/releases">idna's releases</a>.</em></p>
    <blockquote>
    <h2>v3.7</h2>
    <h2>What's Changed</h2>
    <ul>
    <li>Fix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]</li>
    </ul>
    <p>Thanks to Guido Vranken for reporting the issue.</p>
    <p><strong>Full Changelog</strong>: <a href="https://github.com/kjd/idna/compare/v3.6...v3.7">https://github.com/kjd/idna/compare/v3.6...v3.7</a></p>
    </blockquote>
    </details>
    <details>
    <summary>Changelog</summary>
    <p><em>Sourced from <a href="https://github.com/kjd/idna/blob/master/HISTORY.rst">idna's changelog</a>.</em></p>
    <blockquote>
    <p>3.7 (2024-04-11)
    ++++++++++++++++</p>
    <ul>
    <li>Fix issue where specially crafted inputs to encode() could
    take exceptionally long amount of time to process. [CVE-2024-3651]</li>
    </ul>
    <p>Thanks to Guido Vranken for reporting the issue.</p>
    <p>3.6 (2023-11-25)
    ++++++++++++++++</p>
    <ul>
    <li>Fix regression to include tests in source distribution.</li>
    </ul>
    <p>3.5 (2023-11-24)
    ++++++++++++++++</p>
    <ul>
    <li>Update to Unicode 15.1.0</li>
    <li>String codec name is now &quot;idna2008&quot; as overriding the system codec
    &quot;idna&quot; was not working.</li>
    <li>Fix typing error for codec encoding</li>
    <li>&quot;setup.cfg&quot; has been added for this release due to some downstream
    lack of adherence to PEP 517. Should be removed in a future release
    so please prepare accordingly.</li>
    <li>Removed reliance on a symlink for the &quot;idna-data&quot; tool to comport
    with PEP 517 and the Python Packaging User Guide for sdist archives.</li>
    <li>Added security reporting protocol for project</li>
    </ul>
    <p>Thanks Jon Ribbens, Diogo Teles Sant'Anna, Wu Tingfeng for contributions
    to this release.</p>
    <p>3.4 (2022-09-14)
    ++++++++++++++++</p>
    <ul>
    <li>Update to Unicode 15.0.0</li>
    <li>Migrate to pyproject.toml for build information (PEP 621)</li>
    <li>Correct another instance where generic exception was raised instead of
    IDNAError for malformed input</li>
    <li>Source distribution uses zeroized file ownership for improved
    reproducibility</li>
    </ul>
    <p>Thanks to Seth Michael Larson for contributions to this release.</p>
    <p>3.3 (2021-10-13)
    ++++++++++++++++</p>
    <ul>
    <li>Update to Unicode 14.0.0</li>
    <li>Update to in-line type annotations</li>
    <li>Throw IDNAError exception correctly for some malformed input</li>
    <li>Advertise support for Python 3.10</li>
    <li>Improve testing regime on Github</li>
    </ul>
    
    </blockquote>
    <p>... (truncated)</p>
    </details>
    <details>
    <summary>Commits</summary>
    <ul>
    <li><a href="https://github.com/kjd/idna/commit/1d365e17e10d72d0b7876316fc7b9ca0eebdd38d"><code>1d365e1</code></a> Release v3.7</li>
    <li><a href="https://github.com/kjd/idna/commit/c1b3154939907fab67c5754346afaebe165ce8e6"><code>c1b3154</code></a> Merge pull request <a href="https://github.com/kjd/idna/issues/172">#172</a> from kjd/optimize-contextj</li>
    <li><a href="https://github.com/kjd/idna/commit/0394ec76ff022813e770ba1fd89658790ea35623"><code>0394ec7</code></a> Merge branch 'master' into optimize-contextj</li>
    <li><a href="https://github.com/kjd/idna/commit/cd58a23173d2b0a40b95ee680baf3e59e8d33966"><code>cd58a23</code></a> Merge pull request <a href="https://github.com/kjd/idna/issues/152">#152</a> from elliotwutingfeng/dev</li>
    <li><a href="https://github.com/kjd/idna/commit/5beb28b9dd77912c0dd656d8b0fdba3eb80222e7"><code>5beb28b</code></a> More efficient resolution of joiner contexts</li>
    <li><a href="https://github.com/kjd/idna/commit/1b121483ed04d9576a1291758f537e1318cddc8b"><code>1b12148</code></a> Update ossf/scorecard-action to v2.3.1</li>
    <li><a href="https://github.com/kjd/idna/commit/d516b874c3388047934938a500c7488d52c4e067"><code>d516b87</code></a> Update Github actions/checkout to v4</li>
    <li><a href="https://github.com/kjd/idna/commit/c095c75943413c75ebf8ac74179757031b7f80b7"><code>c095c75</code></a> Merge branch 'master' into dev</li>
    <li><a href="https://github.com/kjd/idna/commit/60a0a4cb61ec6834d74306bd8a1fa46daac94c98"><code>60a0a4c</code></a> Fix typo in GitHub Actions workflow key</li>
    <li><a href="https://github.com/kjd/idna/commit/5918a0ef8034379c2e409ae93ee11d24295bb201"><code>5918a0e</code></a> Merge branch 'master' into dev</li>
    <li>Additional commits viewable in <a href="https://github.com/kjd/idna/compare/v2.10...v3.7">compare view</a></li>
    </ul>
    </details>
    <br />
    
    
    [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=idna&package-manager=pip&previous-version=2.10&new-version=3.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
    
    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
    
    [//]: # (dependabot-automerge-start)
    [//]: # (dependabot-automerge-end)
    
    ---
    
    <details>
    <summary>Dependabot commands and options</summary>
    <br />
    
    You can trigger Dependabot actions by commenting on this PR:
    - `@dependabot rebase` will rebase this PR
    - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
    - `@dependabot merge` will merge this PR after your CI passes on it
    - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
    - `@dependabot cancel merge` will cancel a previously requested merge and block automerging
    - `@dependabot reopen` will reopen this PR if it is closed
    - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
    - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/aws/aws-cdk/network/alerts).
    
    </details>
    dependabot[bot] authored Apr 11, 2024
    Configuration menu
    Copy the full SHA
    2f35e1c View commit details
    Browse the repository at this point in the history
  9. chore(deps): bump idna from 2.10 to 3.7 in /packages/@aws-cdk/aws-lam…

    …bda-python-alpha/test/lambda-handler-custom-build (#29801)
    
    Bumps [idna](https://github.com/kjd/idna) from 2.10 to 3.7.
    <details>
    <summary>Release notes</summary>
    <p><em>Sourced from <a href="https://github.com/kjd/idna/releases">idna's releases</a>.</em></p>
    <blockquote>
    <h2>v3.7</h2>
    <h2>What's Changed</h2>
    <ul>
    <li>Fix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]</li>
    </ul>
    <p>Thanks to Guido Vranken for reporting the issue.</p>
    <p><strong>Full Changelog</strong>: <a href="https://github.com/kjd/idna/compare/v3.6...v3.7">https://github.com/kjd/idna/compare/v3.6...v3.7</a></p>
    </blockquote>
    </details>
    <details>
    <summary>Changelog</summary>
    <p><em>Sourced from <a href="https://github.com/kjd/idna/blob/master/HISTORY.rst">idna's changelog</a>.</em></p>
    <blockquote>
    <p>3.7 (2024-04-11)
    ++++++++++++++++</p>
    <ul>
    <li>Fix issue where specially crafted inputs to encode() could
    take exceptionally long amount of time to process. [CVE-2024-3651]</li>
    </ul>
    <p>Thanks to Guido Vranken for reporting the issue.</p>
    <p>3.6 (2023-11-25)
    ++++++++++++++++</p>
    <ul>
    <li>Fix regression to include tests in source distribution.</li>
    </ul>
    <p>3.5 (2023-11-24)
    ++++++++++++++++</p>
    <ul>
    <li>Update to Unicode 15.1.0</li>
    <li>String codec name is now &quot;idna2008&quot; as overriding the system codec
    &quot;idna&quot; was not working.</li>
    <li>Fix typing error for codec encoding</li>
    <li>&quot;setup.cfg&quot; has been added for this release due to some downstream
    lack of adherence to PEP 517. Should be removed in a future release
    so please prepare accordingly.</li>
    <li>Removed reliance on a symlink for the &quot;idna-data&quot; tool to comport
    with PEP 517 and the Python Packaging User Guide for sdist archives.</li>
    <li>Added security reporting protocol for project</li>
    </ul>
    <p>Thanks Jon Ribbens, Diogo Teles Sant'Anna, Wu Tingfeng for contributions
    to this release.</p>
    <p>3.4 (2022-09-14)
    ++++++++++++++++</p>
    <ul>
    <li>Update to Unicode 15.0.0</li>
    <li>Migrate to pyproject.toml for build information (PEP 621)</li>
    <li>Correct another instance where generic exception was raised instead of
    IDNAError for malformed input</li>
    <li>Source distribution uses zeroized file ownership for improved
    reproducibility</li>
    </ul>
    <p>Thanks to Seth Michael Larson for contributions to this release.</p>
    <p>3.3 (2021-10-13)
    ++++++++++++++++</p>
    <ul>
    <li>Update to Unicode 14.0.0</li>
    <li>Update to in-line type annotations</li>
    <li>Throw IDNAError exception correctly for some malformed input</li>
    <li>Advertise support for Python 3.10</li>
    <li>Improve testing regime on Github</li>
    </ul>
    
    </blockquote>
    <p>... (truncated)</p>
    </details>
    <details>
    <summary>Commits</summary>
    <ul>
    <li><a href="https://github.com/kjd/idna/commit/1d365e17e10d72d0b7876316fc7b9ca0eebdd38d"><code>1d365e1</code></a> Release v3.7</li>
    <li><a href="https://github.com/kjd/idna/commit/c1b3154939907fab67c5754346afaebe165ce8e6"><code>c1b3154</code></a> Merge pull request <a href="https://github.com/kjd/idna/issues/172">#172</a> from kjd/optimize-contextj</li>
    <li><a href="https://github.com/kjd/idna/commit/0394ec76ff022813e770ba1fd89658790ea35623"><code>0394ec7</code></a> Merge branch 'master' into optimize-contextj</li>
    <li><a href="https://github.com/kjd/idna/commit/cd58a23173d2b0a40b95ee680baf3e59e8d33966"><code>cd58a23</code></a> Merge pull request <a href="https://github.com/kjd/idna/issues/152">#152</a> from elliotwutingfeng/dev</li>
    <li><a href="https://github.com/kjd/idna/commit/5beb28b9dd77912c0dd656d8b0fdba3eb80222e7"><code>5beb28b</code></a> More efficient resolution of joiner contexts</li>
    <li><a href="https://github.com/kjd/idna/commit/1b121483ed04d9576a1291758f537e1318cddc8b"><code>1b12148</code></a> Update ossf/scorecard-action to v2.3.1</li>
    <li><a href="https://github.com/kjd/idna/commit/d516b874c3388047934938a500c7488d52c4e067"><code>d516b87</code></a> Update Github actions/checkout to v4</li>
    <li><a href="https://github.com/kjd/idna/commit/c095c75943413c75ebf8ac74179757031b7f80b7"><code>c095c75</code></a> Merge branch 'master' into dev</li>
    <li><a href="https://github.com/kjd/idna/commit/60a0a4cb61ec6834d74306bd8a1fa46daac94c98"><code>60a0a4c</code></a> Fix typo in GitHub Actions workflow key</li>
    <li><a href="https://github.com/kjd/idna/commit/5918a0ef8034379c2e409ae93ee11d24295bb201"><code>5918a0e</code></a> Merge branch 'master' into dev</li>
    <li>Additional commits viewable in <a href="https://github.com/kjd/idna/compare/v2.10...v3.7">compare view</a></li>
    </ul>
    </details>
    <br />
    
    
    [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=idna&package-manager=pip&previous-version=2.10&new-version=3.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
    
    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
    
    [//]: # (dependabot-automerge-start)
    [//]: # (dependabot-automerge-end)
    
    ---
    
    <details>
    <summary>Dependabot commands and options</summary>
    <br />
    
    You can trigger Dependabot actions by commenting on this PR:
    - `@dependabot rebase` will rebase this PR
    - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
    - `@dependabot merge` will merge this PR after your CI passes on it
    - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
    - `@dependabot cancel merge` will cancel a previously requested merge and block automerging
    - `@dependabot reopen` will reopen this PR if it is closed
    - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
    - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/aws/aws-cdk/network/alerts).
    
    </details>
    dependabot[bot] authored Apr 11, 2024
    Configuration menu
    Copy the full SHA
    14b2299 View commit details
    Browse the repository at this point in the history

Commits on Apr 12, 2024

  1. chore(deps): bump idna from 2.10 to 3.7 in /packages/@aws-cdk/aws-lam…

    …bda-python-alpha/test/lambda-handler-project/shared (#29802)
    
    Bumps [idna](https://github.com/kjd/idna) from 2.10 to 3.7.
    <details>
    <summary>Release notes</summary>
    <p><em>Sourced from <a href="https://github.com/kjd/idna/releases">idna's releases</a>.</em></p>
    <blockquote>
    <h2>v3.7</h2>
    <h2>What's Changed</h2>
    <ul>
    <li>Fix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]</li>
    </ul>
    <p>Thanks to Guido Vranken for reporting the issue.</p>
    <p><strong>Full Changelog</strong>: <a href="https://github.com/kjd/idna/compare/v3.6...v3.7">https://github.com/kjd/idna/compare/v3.6...v3.7</a></p>
    </blockquote>
    </details>
    <details>
    <summary>Changelog</summary>
    <p><em>Sourced from <a href="https://github.com/kjd/idna/blob/master/HISTORY.rst">idna's changelog</a>.</em></p>
    <blockquote>
    <p>3.7 (2024-04-11)
    ++++++++++++++++</p>
    <ul>
    <li>Fix issue where specially crafted inputs to encode() could
    take exceptionally long amount of time to process. [CVE-2024-3651]</li>
    </ul>
    <p>Thanks to Guido Vranken for reporting the issue.</p>
    <p>3.6 (2023-11-25)
    ++++++++++++++++</p>
    <ul>
    <li>Fix regression to include tests in source distribution.</li>
    </ul>
    <p>3.5 (2023-11-24)
    ++++++++++++++++</p>
    <ul>
    <li>Update to Unicode 15.1.0</li>
    <li>String codec name is now &quot;idna2008&quot; as overriding the system codec
    &quot;idna&quot; was not working.</li>
    <li>Fix typing error for codec encoding</li>
    <li>&quot;setup.cfg&quot; has been added for this release due to some downstream
    lack of adherence to PEP 517. Should be removed in a future release
    so please prepare accordingly.</li>
    <li>Removed reliance on a symlink for the &quot;idna-data&quot; tool to comport
    with PEP 517 and the Python Packaging User Guide for sdist archives.</li>
    <li>Added security reporting protocol for project</li>
    </ul>
    <p>Thanks Jon Ribbens, Diogo Teles Sant'Anna, Wu Tingfeng for contributions
    to this release.</p>
    <p>3.4 (2022-09-14)
    ++++++++++++++++</p>
    <ul>
    <li>Update to Unicode 15.0.0</li>
    <li>Migrate to pyproject.toml for build information (PEP 621)</li>
    <li>Correct another instance where generic exception was raised instead of
    IDNAError for malformed input</li>
    <li>Source distribution uses zeroized file ownership for improved
    reproducibility</li>
    </ul>
    <p>Thanks to Seth Michael Larson for contributions to this release.</p>
    <p>3.3 (2021-10-13)
    ++++++++++++++++</p>
    <ul>
    <li>Update to Unicode 14.0.0</li>
    <li>Update to in-line type annotations</li>
    <li>Throw IDNAError exception correctly for some malformed input</li>
    <li>Advertise support for Python 3.10</li>
    <li>Improve testing regime on Github</li>
    </ul>
    
    </blockquote>
    <p>... (truncated)</p>
    </details>
    <details>
    <summary>Commits</summary>
    <ul>
    <li><a href="https://github.com/kjd/idna/commit/1d365e17e10d72d0b7876316fc7b9ca0eebdd38d"><code>1d365e1</code></a> Release v3.7</li>
    <li><a href="https://github.com/kjd/idna/commit/c1b3154939907fab67c5754346afaebe165ce8e6"><code>c1b3154</code></a> Merge pull request <a href="https://github.com/kjd/idna/issues/172">#172</a> from kjd/optimize-contextj</li>
    <li><a href="https://github.com/kjd/idna/commit/0394ec76ff022813e770ba1fd89658790ea35623"><code>0394ec7</code></a> Merge branch 'master' into optimize-contextj</li>
    <li><a href="https://github.com/kjd/idna/commit/cd58a23173d2b0a40b95ee680baf3e59e8d33966"><code>cd58a23</code></a> Merge pull request <a href="https://github.com/kjd/idna/issues/152">#152</a> from elliotwutingfeng/dev</li>
    <li><a href="https://github.com/kjd/idna/commit/5beb28b9dd77912c0dd656d8b0fdba3eb80222e7"><code>5beb28b</code></a> More efficient resolution of joiner contexts</li>
    <li><a href="https://github.com/kjd/idna/commit/1b121483ed04d9576a1291758f537e1318cddc8b"><code>1b12148</code></a> Update ossf/scorecard-action to v2.3.1</li>
    <li><a href="https://github.com/kjd/idna/commit/d516b874c3388047934938a500c7488d52c4e067"><code>d516b87</code></a> Update Github actions/checkout to v4</li>
    <li><a href="https://github.com/kjd/idna/commit/c095c75943413c75ebf8ac74179757031b7f80b7"><code>c095c75</code></a> Merge branch 'master' into dev</li>
    <li><a href="https://github.com/kjd/idna/commit/60a0a4cb61ec6834d74306bd8a1fa46daac94c98"><code>60a0a4c</code></a> Fix typo in GitHub Actions workflow key</li>
    <li><a href="https://github.com/kjd/idna/commit/5918a0ef8034379c2e409ae93ee11d24295bb201"><code>5918a0e</code></a> Merge branch 'master' into dev</li>
    <li>Additional commits viewable in <a href="https://github.com/kjd/idna/compare/v2.10...v3.7">compare view</a></li>
    </ul>
    </details>
    <br />
    
    
    [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=idna&package-manager=pip&previous-version=2.10&new-version=3.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
    
    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
    
    [//]: # (dependabot-automerge-start)
    [//]: # (dependabot-automerge-end)
    
    ---
    
    <details>
    <summary>Dependabot commands and options</summary>
    <br />
    
    You can trigger Dependabot actions by commenting on this PR:
    - `@dependabot rebase` will rebase this PR
    - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
    - `@dependabot merge` will merge this PR after your CI passes on it
    - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
    - `@dependabot cancel merge` will cancel a previously requested merge and block automerging
    - `@dependabot reopen` will reopen this PR if it is closed
    - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
    - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/aws/aws-cdk/network/alerts).
    
    </details>
    dependabot[bot] authored Apr 12, 2024
    Configuration menu
    Copy the full SHA
    f8802aa View commit details
    Browse the repository at this point in the history
  2. chore(deps): bump idna from 3.4 to 3.7 in /packages/@aws-cdk/aws-lamb…

    …da-python-alpha/test/lambda-handler-poetry (#29805)
    
    Bumps [idna](https://github.com/kjd/idna) from 3.4 to 3.7.
    <details>
    <summary>Release notes</summary>
    <p><em>Sourced from <a href="https://github.com/kjd/idna/releases">idna's releases</a>.</em></p>
    <blockquote>
    <h2>v3.7</h2>
    <h2>What's Changed</h2>
    <ul>
    <li>Fix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]</li>
    </ul>
    <p>Thanks to Guido Vranken for reporting the issue.</p>
    <p><strong>Full Changelog</strong>: <a href="https://github.com/kjd/idna/compare/v3.6...v3.7">https://github.com/kjd/idna/compare/v3.6...v3.7</a></p>
    </blockquote>
    </details>
    <details>
    <summary>Changelog</summary>
    <p><em>Sourced from <a href="https://github.com/kjd/idna/blob/master/HISTORY.rst">idna's changelog</a>.</em></p>
    <blockquote>
    <p>3.7 (2024-04-11)
    ++++++++++++++++</p>
    <ul>
    <li>Fix issue where specially crafted inputs to encode() could
    take exceptionally long amount of time to process. [CVE-2024-3651]</li>
    </ul>
    <p>Thanks to Guido Vranken for reporting the issue.</p>
    <p>3.6 (2023-11-25)
    ++++++++++++++++</p>
    <ul>
    <li>Fix regression to include tests in source distribution.</li>
    </ul>
    <p>3.5 (2023-11-24)
    ++++++++++++++++</p>
    <ul>
    <li>Update to Unicode 15.1.0</li>
    <li>String codec name is now &quot;idna2008&quot; as overriding the system codec
    &quot;idna&quot; was not working.</li>
    <li>Fix typing error for codec encoding</li>
    <li>&quot;setup.cfg&quot; has been added for this release due to some downstream
    lack of adherence to PEP 517. Should be removed in a future release
    so please prepare accordingly.</li>
    <li>Removed reliance on a symlink for the &quot;idna-data&quot; tool to comport
    with PEP 517 and the Python Packaging User Guide for sdist archives.</li>
    <li>Added security reporting protocol for project</li>
    </ul>
    <p>Thanks Jon Ribbens, Diogo Teles Sant'Anna, Wu Tingfeng for contributions
    to this release.</p>
    </blockquote>
    </details>
    <details>
    <summary>Commits</summary>
    <ul>
    <li><a href="https://github.com/kjd/idna/commit/1d365e17e10d72d0b7876316fc7b9ca0eebdd38d"><code>1d365e1</code></a> Release v3.7</li>
    <li><a href="https://github.com/kjd/idna/commit/c1b3154939907fab67c5754346afaebe165ce8e6"><code>c1b3154</code></a> Merge pull request <a href="https://github.com/kjd/idna/issues/172">#172</a> from kjd/optimize-contextj</li>
    <li><a href="https://github.com/kjd/idna/commit/0394ec76ff022813e770ba1fd89658790ea35623"><code>0394ec7</code></a> Merge branch 'master' into optimize-contextj</li>
    <li><a href="https://github.com/kjd/idna/commit/cd58a23173d2b0a40b95ee680baf3e59e8d33966"><code>cd58a23</code></a> Merge pull request <a href="https://github.com/kjd/idna/issues/152">#152</a> from elliotwutingfeng/dev</li>
    <li><a href="https://github.com/kjd/idna/commit/5beb28b9dd77912c0dd656d8b0fdba3eb80222e7"><code>5beb28b</code></a> More efficient resolution of joiner contexts</li>
    <li><a href="https://github.com/kjd/idna/commit/1b121483ed04d9576a1291758f537e1318cddc8b"><code>1b12148</code></a> Update ossf/scorecard-action to v2.3.1</li>
    <li><a href="https://github.com/kjd/idna/commit/d516b874c3388047934938a500c7488d52c4e067"><code>d516b87</code></a> Update Github actions/checkout to v4</li>
    <li><a href="https://github.com/kjd/idna/commit/c095c75943413c75ebf8ac74179757031b7f80b7"><code>c095c75</code></a> Merge branch 'master' into dev</li>
    <li><a href="https://github.com/kjd/idna/commit/60a0a4cb61ec6834d74306bd8a1fa46daac94c98"><code>60a0a4c</code></a> Fix typo in GitHub Actions workflow key</li>
    <li><a href="https://github.com/kjd/idna/commit/5918a0ef8034379c2e409ae93ee11d24295bb201"><code>5918a0e</code></a> Merge branch 'master' into dev</li>
    <li>Additional commits viewable in <a href="https://github.com/kjd/idna/compare/v3.4...v3.7">compare view</a></li>
    </ul>
    </details>
    <br />
    
    
    [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=idna&package-manager=pip&previous-version=3.4&new-version=3.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
    
    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
    
    [//]: # (dependabot-automerge-start)
    [//]: # (dependabot-automerge-end)
    
    ---
    
    <details>
    <summary>Dependabot commands and options</summary>
    <br />
    
    You can trigger Dependabot actions by commenting on this PR:
    - `@dependabot rebase` will rebase this PR
    - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
    - `@dependabot merge` will merge this PR after your CI passes on it
    - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
    - `@dependabot cancel merge` will cancel a previously requested merge and block automerging
    - `@dependabot reopen` will reopen this PR if it is closed
    - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
    - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/aws/aws-cdk/network/alerts).
    
    </details>
    dependabot[bot] authored Apr 12, 2024
    Configuration menu
    Copy the full SHA
    fac2823 View commit details
    Browse the repository at this point in the history
  3. chore(deps): bump idna from 3.4 to 3.7 in /packages/@aws-cdk/aws-lamb…

    …da-python-alpha/test/lambda-handler-dockercopy (#29806)
    
    Bumps [idna](https://github.com/kjd/idna) from 3.4 to 3.7.
    <details>
    <summary>Release notes</summary>
    <p><em>Sourced from <a href="https://github.com/kjd/idna/releases">idna's releases</a>.</em></p>
    <blockquote>
    <h2>v3.7</h2>
    <h2>What's Changed</h2>
    <ul>
    <li>Fix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]</li>
    </ul>
    <p>Thanks to Guido Vranken for reporting the issue.</p>
    <p><strong>Full Changelog</strong>: <a href="https://github.com/kjd/idna/compare/v3.6...v3.7">https://github.com/kjd/idna/compare/v3.6...v3.7</a></p>
    </blockquote>
    </details>
    <details>
    <summary>Changelog</summary>
    <p><em>Sourced from <a href="https://github.com/kjd/idna/blob/master/HISTORY.rst">idna's changelog</a>.</em></p>
    <blockquote>
    <p>3.7 (2024-04-11)
    ++++++++++++++++</p>
    <ul>
    <li>Fix issue where specially crafted inputs to encode() could
    take exceptionally long amount of time to process. [CVE-2024-3651]</li>
    </ul>
    <p>Thanks to Guido Vranken for reporting the issue.</p>
    <p>3.6 (2023-11-25)
    ++++++++++++++++</p>
    <ul>
    <li>Fix regression to include tests in source distribution.</li>
    </ul>
    <p>3.5 (2023-11-24)
    ++++++++++++++++</p>
    <ul>
    <li>Update to Unicode 15.1.0</li>
    <li>String codec name is now &quot;idna2008&quot; as overriding the system codec
    &quot;idna&quot; was not working.</li>
    <li>Fix typing error for codec encoding</li>
    <li>&quot;setup.cfg&quot; has been added for this release due to some downstream
    lack of adherence to PEP 517. Should be removed in a future release
    so please prepare accordingly.</li>
    <li>Removed reliance on a symlink for the &quot;idna-data&quot; tool to comport
    with PEP 517 and the Python Packaging User Guide for sdist archives.</li>
    <li>Added security reporting protocol for project</li>
    </ul>
    <p>Thanks Jon Ribbens, Diogo Teles Sant'Anna, Wu Tingfeng for contributions
    to this release.</p>
    </blockquote>
    </details>
    <details>
    <summary>Commits</summary>
    <ul>
    <li><a href="https://github.com/kjd/idna/commit/1d365e17e10d72d0b7876316fc7b9ca0eebdd38d"><code>1d365e1</code></a> Release v3.7</li>
    <li><a href="https://github.com/kjd/idna/commit/c1b3154939907fab67c5754346afaebe165ce8e6"><code>c1b3154</code></a> Merge pull request <a href="https://github.com/kjd/idna/issues/172">#172</a> from kjd/optimize-contextj</li>
    <li><a href="https://github.com/kjd/idna/commit/0394ec76ff022813e770ba1fd89658790ea35623"><code>0394ec7</code></a> Merge branch 'master' into optimize-contextj</li>
    <li><a href="https://github.com/kjd/idna/commit/cd58a23173d2b0a40b95ee680baf3e59e8d33966"><code>cd58a23</code></a> Merge pull request <a href="https://github.com/kjd/idna/issues/152">#152</a> from elliotwutingfeng/dev</li>
    <li><a href="https://github.com/kjd/idna/commit/5beb28b9dd77912c0dd656d8b0fdba3eb80222e7"><code>5beb28b</code></a> More efficient resolution of joiner contexts</li>
    <li><a href="https://github.com/kjd/idna/commit/1b121483ed04d9576a1291758f537e1318cddc8b"><code>1b12148</code></a> Update ossf/scorecard-action to v2.3.1</li>
    <li><a href="https://github.com/kjd/idna/commit/d516b874c3388047934938a500c7488d52c4e067"><code>d516b87</code></a> Update Github actions/checkout to v4</li>
    <li><a href="https://github.com/kjd/idna/commit/c095c75943413c75ebf8ac74179757031b7f80b7"><code>c095c75</code></a> Merge branch 'master' into dev</li>
    <li><a href="https://github.com/kjd/idna/commit/60a0a4cb61ec6834d74306bd8a1fa46daac94c98"><code>60a0a4c</code></a> Fix typo in GitHub Actions workflow key</li>
    <li><a href="https://github.com/kjd/idna/commit/5918a0ef8034379c2e409ae93ee11d24295bb201"><code>5918a0e</code></a> Merge branch 'master' into dev</li>
    <li>Additional commits viewable in <a href="https://github.com/kjd/idna/compare/v3.4...v3.7">compare view</a></li>
    </ul>
    </details>
    <br />
    
    
    [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=idna&package-manager=pip&previous-version=3.4&new-version=3.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
    
    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
    
    [//]: # (dependabot-automerge-start)
    [//]: # (dependabot-automerge-end)
    
    ---
    
    <details>
    <summary>Dependabot commands and options</summary>
    <br />
    
    You can trigger Dependabot actions by commenting on this PR:
    - `@dependabot rebase` will rebase this PR
    - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
    - `@dependabot merge` will merge this PR after your CI passes on it
    - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
    - `@dependabot cancel merge` will cancel a previously requested merge and block automerging
    - `@dependabot reopen` will reopen this PR if it is closed
    - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
    - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/aws/aws-cdk/network/alerts).
    
    </details>
    dependabot[bot] authored Apr 12, 2024
    Configuration menu
    Copy the full SHA
    461719a View commit details
    Browse the repository at this point in the history
  4. chore(deps): bump idna from 3.4 to 3.7 in /packages/@aws-cdk/aws-lamb…

    …da-python-alpha/test/lambda-handler-pipenv (#29807)
    
    Bumps [idna](https://github.com/kjd/idna) from 3.4 to 3.7.
    <details>
    <summary>Release notes</summary>
    <p><em>Sourced from <a href="https://github.com/kjd/idna/releases">idna's releases</a>.</em></p>
    <blockquote>
    <h2>v3.7</h2>
    <h2>What's Changed</h2>
    <ul>
    <li>Fix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]</li>
    </ul>
    <p>Thanks to Guido Vranken for reporting the issue.</p>
    <p><strong>Full Changelog</strong>: <a href="https://github.com/kjd/idna/compare/v3.6...v3.7">https://github.com/kjd/idna/compare/v3.6...v3.7</a></p>
    </blockquote>
    </details>
    <details>
    <summary>Changelog</summary>
    <p><em>Sourced from <a href="https://github.com/kjd/idna/blob/master/HISTORY.rst">idna's changelog</a>.</em></p>
    <blockquote>
    <p>3.7 (2024-04-11)
    ++++++++++++++++</p>
    <ul>
    <li>Fix issue where specially crafted inputs to encode() could
    take exceptionally long amount of time to process. [CVE-2024-3651]</li>
    </ul>
    <p>Thanks to Guido Vranken for reporting the issue.</p>
    <p>3.6 (2023-11-25)
    ++++++++++++++++</p>
    <ul>
    <li>Fix regression to include tests in source distribution.</li>
    </ul>
    <p>3.5 (2023-11-24)
    ++++++++++++++++</p>
    <ul>
    <li>Update to Unicode 15.1.0</li>
    <li>String codec name is now &quot;idna2008&quot; as overriding the system codec
    &quot;idna&quot; was not working.</li>
    <li>Fix typing error for codec encoding</li>
    <li>&quot;setup.cfg&quot; has been added for this release due to some downstream
    lack of adherence to PEP 517. Should be removed in a future release
    so please prepare accordingly.</li>
    <li>Removed reliance on a symlink for the &quot;idna-data&quot; tool to comport
    with PEP 517 and the Python Packaging User Guide for sdist archives.</li>
    <li>Added security reporting protocol for project</li>
    </ul>
    <p>Thanks Jon Ribbens, Diogo Teles Sant'Anna, Wu Tingfeng for contributions
    to this release.</p>
    </blockquote>
    </details>
    <details>
    <summary>Commits</summary>
    <ul>
    <li><a href="https://github.com/kjd/idna/commit/1d365e17e10d72d0b7876316fc7b9ca0eebdd38d"><code>1d365e1</code></a> Release v3.7</li>
    <li><a href="https://github.com/kjd/idna/commit/c1b3154939907fab67c5754346afaebe165ce8e6"><code>c1b3154</code></a> Merge pull request <a href="https://github.com/kjd/idna/issues/172">#172</a> from kjd/optimize-contextj</li>
    <li><a href="https://github.com/kjd/idna/commit/0394ec76ff022813e770ba1fd89658790ea35623"><code>0394ec7</code></a> Merge branch 'master' into optimize-contextj</li>
    <li><a href="https://github.com/kjd/idna/commit/cd58a23173d2b0a40b95ee680baf3e59e8d33966"><code>cd58a23</code></a> Merge pull request <a href="https://github.com/kjd/idna/issues/152">#152</a> from elliotwutingfeng/dev</li>
    <li><a href="https://github.com/kjd/idna/commit/5beb28b9dd77912c0dd656d8b0fdba3eb80222e7"><code>5beb28b</code></a> More efficient resolution of joiner contexts</li>
    <li><a href="https://github.com/kjd/idna/commit/1b121483ed04d9576a1291758f537e1318cddc8b"><code>1b12148</code></a> Update ossf/scorecard-action to v2.3.1</li>
    <li><a href="https://github.com/kjd/idna/commit/d516b874c3388047934938a500c7488d52c4e067"><code>d516b87</code></a> Update Github actions/checkout to v4</li>
    <li><a href="https://github.com/kjd/idna/commit/c095c75943413c75ebf8ac74179757031b7f80b7"><code>c095c75</code></a> Merge branch 'master' into dev</li>
    <li><a href="https://github.com/kjd/idna/commit/60a0a4cb61ec6834d74306bd8a1fa46daac94c98"><code>60a0a4c</code></a> Fix typo in GitHub Actions workflow key</li>
    <li><a href="https://github.com/kjd/idna/commit/5918a0ef8034379c2e409ae93ee11d24295bb201"><code>5918a0e</code></a> Merge branch 'master' into dev</li>
    <li>Additional commits viewable in <a href="https://github.com/kjd/idna/compare/v3.4...v3.7">compare view</a></li>
    </ul>
    </details>
    <br />
    
    
    [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=idna&package-manager=pip&previous-version=3.4&new-version=3.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
    
    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
    
    [//]: # (dependabot-automerge-start)
    [//]: # (dependabot-automerge-end)
    
    ---
    
    <details>
    <summary>Dependabot commands and options</summary>
    <br />
    
    You can trigger Dependabot actions by commenting on this PR:
    - `@dependabot rebase` will rebase this PR
    - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
    - `@dependabot merge` will merge this PR after your CI passes on it
    - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
    - `@dependabot cancel merge` will cancel a previously requested merge and block automerging
    - `@dependabot reopen` will reopen this PR if it is closed
    - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
    - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/aws/aws-cdk/network/alerts).
    
    </details>
    dependabot[bot] authored Apr 12, 2024
    Configuration menu
    Copy the full SHA
    a7384c2 View commit details
    Browse the repository at this point in the history
  5. chore(eks): remove duplicate test case (#29814)

    ### Reason for this change
    
    The removed case `'throws when a core construct is added as cdk8s chart'` is the same as `'throws when a non cdk8s chart construct is added as cdk8s chart'`.
    
    ### Description of changes
    
    Removed duplicates.
    
    ### Description of how you validated changes
    
    Just removed the case.
    
    ### Checklist
    - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)
    
    ----
    
    *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
    matt9ucci authored Apr 12, 2024
    Configuration menu
    Copy the full SHA
    97e9ea0 View commit details
    Browse the repository at this point in the history
  6. fix(globalaccelerator): changing installLatestAwsSdk breaks Securit…

    …y Group reference (#29620)
    
    ### Issue # (if applicable)
    
    Closes #23796
    
    ### Reason for this change
    
    In #23591 `installLatestAwsSdk`. This results in a resource update for custom resources. The custom resource that fetches the security groups does not have an onUpdate handler (https://github.com/aws/aws-cdk/blob/main/packages/aws-cdk-lib/aws-globalaccelerator/lib/_accelerator-security-group.ts#L32).
    
    When the empty object is returned, this results in an update failure in
    CloudFormation because the specific property isn't available and so it will fail with error below:
    
    ```
    CustomResource attribute error: Vendor response doesn't contain SecurityGroups.0.GroupId key in object
    ```
    
    When the update occurs, the response object does not have a `SecurityGroups.0.GroupId` field, resulting in failures when `SecurityGroups` is referenced.
    
    ### Description of changes
    Update the onCreate to onUpdate for custom resources to mitigate the CloudFormation update failure. Documentations: https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.custom_resources.AwsCustomResource.html#oncreate. 
    Similar fix for Cognito: #23798
    
    ### Description of how you validated changes
    
    The integration test is updated with the latest assets.
    
    ### Checklist
    - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)
    
    ----
    
    *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
    jingwy authored Apr 12, 2024
    Configuration menu
    Copy the full SHA
    ece7eb6 View commit details
    Browse the repository at this point in the history
  7. feat(sns): add TracingConfig prop (#29783)

    ### Issue # (if applicable)
    
    Closes #29714
    
    ### Reason for this change
    
    Currently, to set the TracingConfig, it is necessary to configure it via L1.
    So, add TracingConfig props to L2.
    
    ### Description of changes
    added TracingConfig props to topic.ts, sns.test.ts, integ.sns.ts, and README.md for AWS SNS.
    
    ### Description of how you validated changes
    I confirmed with unit test and integ test that it works as expected.
    
    ----
    
    *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
    jun1-t authored Apr 12, 2024
    Configuration menu
    Copy the full SHA
    f14b60f View commit details
    Browse the repository at this point in the history
  8. fix(lambda): version.fromVersionArn creates invalid Version object (#…

    …29820)
    
    ### Issue # (if applicable)
    
    Closes #29813
    
    ### Reason for this change
    
    improve the fromFunctionArn()  to better handle the input ARN
    
    ### Description of changes
    
    fromFunctionArn() does not handle the ARN correctly if the input ARN has trailing version or alias.
    
    ### Description of how you validated changes
    
    See unit tests
    
    ### Checklist
    - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)
    
    ----
    
    *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
    pahud authored Apr 12, 2024
    1 Configuration menu
    Copy the full SHA
    8198884 View commit details
    Browse the repository at this point in the history
  9. feat(ec2): well-known port aliases (#29793)

    ### Issue # (if applicable)
    
    None as far as I can tell
    
    ### Reason for this change
    
    The web console lists commonly used ports when adding a rule to a security group, this aims to reproduce this simple quality of life shortcut. It can also help with code readability, and might save people from a typo
    
    ### Description of changes
    
    * Add well-known static `Port` instances
      * Intersection of the AWS web console listed ports and the [IANA Service Name and Transport Protocol Port Number Registry](https://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.txt)
    
    ### Description of how you validated changes
    
    Compared the AWS web console values to the IANA list, and added a unit test to make sure the alias behaved properly 
    
    ### Checklist
    - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)
    
    ----
    
    *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
    nmussy authored Apr 12, 2024
    Configuration menu
    Copy the full SHA
    f10494c View commit details
    Browse the repository at this point in the history

Commits on Apr 14, 2024

  1. feat(custom-resources): add logging property to AwsSdkCall and crea…

    …te `Logging` class (#29648)
    
    ### Reason for this change
    
    SDK v2 and v3 handlers for `AwsCustomResource` log the event object passed to the handler, API responses, and caught /uncaught errors for each SDK call made. This can potentially result in logging sensitive information that a user may wish to hide. This PR introduces a new `logging` property on the `AwsSdkCall` interface that can be used to provide more control over logging in the SDK v2 and v3 handlers on a per SDK call basis. The `logging` flag is configurable via a new `Logging` class which exposes two static methods:
    - all: all logging during lambda execution is turned on
    - withDataHidden: hides all logged data associated with the API call response. This includes the raw response as well as the `Data` field on the response object
    
    Additional logging configurations can be added in the future.
    
    ### Description of changes
    
    Added a `logging` flag to the `AwsSdkCall` interface which is configurable via the new `Logging` class. The `Logging` class has an internal `render` method which renders the specified logging configuration which is passed as part of the `create`, `update`, and `delete` `ResourceProperties` to the lambda handler. These `logging` properties are then used throughout the handler to control what is logged based on their value
    
    ### Description of how you validated changes
    
    * A new integ test with `logging` as `withDataHidden` was added
    * Unit tests to ensure calling `render` on a `Logging` instance produces the expected result
    * Unit tests to ensure that using `logging` with `AwsSdkCall` while using `AwsCustomResource` produces the correct CloudFormation template
    
    ### Checklist
    - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)
    
    ----
    
    *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
    colifran authored Apr 14, 2024
    Configuration menu
    Copy the full SHA
    b049064 View commit details
    Browse the repository at this point in the history

Commits on Apr 15, 2024

  1. chore(deps): bump tj-actions/changed-files from 44.0.0 to 44.0.1 (#29831

    )
    
    Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files) from 44.0.0 to 44.0.1.
    <details>
    <summary>Release notes</summary>
    <p><em>Sourced from <a href="https://github.com/tj-actions/changed-files/releases">tj-actions/changed-files's releases</a>.</em></p>
    <blockquote>
    <h2>v44.0.1</h2>
    <h2>What's Changed</h2>
    <ul>
    <li>Upgraded to v44 by <a href="https://github.com/tj-actions-bot"><code>@​tj-actions-bot</code></a> in <a href="https://github.com/tj-actions/changed-files/pull/2017">tj-actions/changed-files#2017</a></li>
    <li>chore(deps): update tj-actions/eslint-changed-files action to v24 by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://github.com/tj-actions/changed-files/pull/2019">tj-actions/changed-files#2019</a></li>
    <li>chore(deps): update dependency <code>@​types/node</code> to v20.12.2 by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://github.com/tj-actions/changed-files/pull/2020">tj-actions/changed-files#2020</a></li>
    <li>chore(deps): lock file maintenance by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://github.com/tj-actions/changed-files/pull/2021">tj-actions/changed-files#2021</a></li>
    <li>chore(deps): update typescript-eslint monorepo to v7.5.0 by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://github.com/tj-actions/changed-files/pull/2022">tj-actions/changed-files#2022</a></li>
    <li>chore(deps): update dependency <code>@​types/node</code> to v20.12.3 by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://github.com/tj-actions/changed-files/pull/2023">tj-actions/changed-files#2023</a></li>
    <li>fix(deps): update dependency <code>@​octokit/rest</code> to v20.1.0 by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://github.com/tj-actions/changed-files/pull/2024">tj-actions/changed-files#2024</a></li>
    <li>chore(deps): update dependency <code>@​types/node</code> to v20.12.4 by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://github.com/tj-actions/changed-files/pull/2025">tj-actions/changed-files#2025</a></li>
    <li>chore(deps): update dependency typescript to v5.4.4 by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://github.com/tj-actions/changed-files/pull/2027">tj-actions/changed-files#2027</a></li>
    <li>chore(deps): bump undici from 5.28.3 to 5.28.4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://github.com/tj-actions/changed-files/pull/2026">tj-actions/changed-files#2026</a></li>
    <li>chore(deps): update dependency <code>@​types/node</code> to v20.12.5 by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://github.com/tj-actions/changed-files/pull/2028">tj-actions/changed-files#2028</a></li>
    <li>chore(deps): update dependency eslint-plugin-jest to v28 by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://github.com/tj-actions/changed-files/pull/2030">tj-actions/changed-files#2030</a></li>
    <li>chore(deps): update dependency eslint-plugin-jest to v28.1.1 by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://github.com/tj-actions/changed-files/pull/2031">tj-actions/changed-files#2031</a></li>
    <li>chore(deps): update dependency eslint-plugin-jest to v28.2.0 by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://github.com/tj-actions/changed-files/pull/2032">tj-actions/changed-files#2032</a></li>
    <li>chore(deps): lock file maintenance by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://github.com/tj-actions/changed-files/pull/2033">tj-actions/changed-files#2033</a></li>
    <li>chore(deps): update typescript-eslint monorepo to v7.6.0 by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://github.com/tj-actions/changed-files/pull/2034">tj-actions/changed-files#2034</a></li>
    <li>chore(deps): update dependency <code>@​types/node</code> to v20.12.6 by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://github.com/tj-actions/changed-files/pull/2035">tj-actions/changed-files#2035</a></li>
    <li>chore(deps): update dependency <code>@​types/node</code> to v20.12.7 by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://github.com/tj-actions/changed-files/pull/2036">tj-actions/changed-files#2036</a></li>
    </ul>
    <p><strong>Full Changelog</strong>: <a href="https://github.com/tj-actions/changed-files/compare/v44...v44.0.1">https://github.com/tj-actions/changed-files/compare/v44...v44.0.1</a></p>
    </blockquote>
    </details>
    <details>
    <summary>Changelog</summary>
    <p><em>Sourced from <a href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's changelog</a>.</em></p>
    <blockquote>
    <h1>Changelog</h1>
    <h1><a href="https://github.com/tj-actions/changed-files/compare/v44.0.0...v44.0.1">44.0.1</a> - (2024-04-09)</h1>
    <h2>🐛 Bug Fixes</h2>
    <ul>
    <li><strong>deps:</strong> Update dependency <code>@​octokit/rest</code> to v20.1.0 (<a href="https://github.com/tj-actions/changed-files/commit/57d40e662d530daae769897d18bded8d3cf4263b">57d40e6</a>)  - (renovate[bot])</li>
    </ul>
    <h2>➕ Add</h2>
    <ul>
    <li>Added missing changes and modified dist assets.
    (<a href="https://github.com/tj-actions/changed-files/commit/5f084a52a4aa792443ce2bbb4a91daa956a83c4f">5f084a5</a>)  - (GitHub Action)</li>
    </ul>
    <h2>⚙️ Miscellaneous Tasks</h2>
    <ul>
    <li><strong>deps:</strong> Update dependency <code>@​types/node</code> to v20.12.7 (<a href="https://github.com/tj-actions/changed-files/commit/635f118699dd888d737c15018cd30aff2e0274f8">635f118</a>)  - (renovate[bot])</li>
    <li><strong>deps:</strong> Update dependency <code>@​types/node</code> to v20.12.6 (<a href="https://github.com/tj-actions/changed-files/commit/634b61511ee053fabd2cfaaf72201ee2aba54a71">634b615</a>)  - (renovate[bot])</li>
    <li><strong>deps:</strong> Update typescript-eslint monorepo to v7.6.0 (<a href="https://github.com/tj-actions/changed-files/commit/77fcf43160285ab257bfa4b0ef824674404bb585">77fcf43</a>)  - (renovate[bot])</li>
    <li><strong>deps:</strong> Lock file maintenance (<a href="https://github.com/tj-actions/changed-files/commit/ff2cb1b4f2d5b477f5e0720e406ebb59af963a5b">ff2cb1b</a>)  - (renovate[bot])</li>
    <li><strong>deps:</strong> Update dependency eslint-plugin-jest to v28.2.0 (<a href="https://github.com/tj-actions/changed-files/commit/5d5da31340cc6c5ce75e99ca8e5436aeda1c111f">5d5da31</a>)  - (renovate[bot])</li>
    <li><strong>deps:</strong> Update dependency eslint-plugin-jest to v28.1.1 (<a href="https://github.com/tj-actions/changed-files/commit/29bc0d3fd93da8b4eae1bc7568d193b2092baf9c">29bc0d3</a>)  - (renovate[bot])</li>
    <li><strong>deps:</strong> Update dependency eslint-plugin-jest to v28 (<a href="https://github.com/tj-actions/changed-files/issues/2030">#2030</a>) (<a href="https://github.com/tj-actions/changed-files/commit/c9f9d5784e44a3f04e2995c42e6ca15f7c41374b">c9f9d57</a>)  - (renovate[bot])</li>
    <li><strong>deps:</strong> Update dependency <code>@​types/node</code> to v20.12.5 (<a href="https://github.com/tj-actions/changed-files/commit/a4fba0109cdb1460d2d6a345cbe68883a3efec47">a4fba01</a>)  - (renovate[bot])</li>
    <li><strong>deps:</strong> Bump undici from 5.28.3 to 5.28.4 (<a href="https://github.com/tj-actions/changed-files/issues/2026">#2026</a>) (<a href="https://github.com/tj-actions/changed-files/commit/8a6546164ab50b552bf37a71eb624e115731c3ee">8a65461</a>)  - (dependabot[bot])</li>
    <li><strong>deps:</strong> Update dependency typescript to v5.4.4 (<a href="https://github.com/tj-actions/changed-files/commit/bad2eb6859141c0628b71ff4ae0fa1a39a8cfd1a">bad2eb6</a>)  - (renovate[bot])</li>
    <li><strong>deps:</strong> Update dependency <code>@​types/node</code> to v20.12.4 (<a href="https://github.com/tj-actions/changed-files/commit/b2dbd4264a1b1ffc90b7b807d01e572eaf935f06">b2dbd42</a>)  - (renovate[bot])</li>
    <li><strong>deps:</strong> Update dependency <code>@​types/node</code> to v20.12.3 (<a href="https://github.com/tj-actions/changed-files/commit/185549c022e131c14c82c9ddfd42ca3fc4a503c2">185549c</a>)  - (renovate[bot])</li>
    <li><strong>deps:</strong> Update typescript-eslint monorepo to v7.5.0 (<a href="https://github.com/tj-actions/changed-files/commit/f853fd059210921daf74c68d70c6f77b2dd21f8c">f853fd0</a>)  - (renovate[bot])</li>
    <li><strong>deps:</strong> Lock file maintenance (<a href="https://github.com/tj-actions/changed-files/commit/cd3c6e6bbdabefdea4c7311299eacf440eefabaf">cd3c6e6</a>)  - (renovate[bot])</li>
    <li><strong>deps:</strong> Update dependency <code>@​types/node</code> to v20.12.2 (<a href="https://github.com/tj-actions/changed-files/commit/e5ce44a30190a3af4c81b960587845596e2300ca">e5ce44a</a>)  - (renovate[bot])</li>
    <li><strong>deps:</strong> Update tj-actions/eslint-changed-files action to v24 (<a href="https://github.com/tj-actions/changed-files/issues/2019">#2019</a>) (<a href="https://github.com/tj-actions/changed-files/commit/ccdcd17ffd1350eb36c1ff43637d0dbd40b8cdfb">ccdcd17</a>)  - (renovate[bot])</li>
    </ul>
    <h2>⬆️ Upgrades</h2>
    <ul>
    <li>Upgraded to v44 (<a href="https://github.com/tj-actions/changed-files/issues/2017">#2017</a>)</li>
    </ul>
    <p>Co-authored-by: jackton1 <a href="mailto:17484350+jackton1@users.noreply.github.com">17484350+jackton1@users.noreply.github.com</a> (<a href="https://github.com/tj-actions/changed-files/commit/e4b8dafc5d0002cc57a632e6a376df5c8c368481">e4b8daf</a>)  - (tj-actions[bot])</p>
    <h1><a href="https://github.com/tj-actions/changed-files/compare/v43.0.1...v44.0.0">44.0.0</a> - (2024-03-27)</h1>
    <h2>🐛 Bug Fixes</h2>
    <ul>
    <li>Ensure the fork remote doesn't exists before creating it (<a href="https://github.com/tj-actions/changed-files/issues/2012">#2012</a>) (<a href="https://github.com/tj-actions/changed-files/commit/4bbd49b9986b1300b75e8efb5778350b750ae6c8">4bbd49b</a>)  - (Tonye Jack)</li>
    <li>Update previos sha for forks (<a href="https://github.com/tj-actions/changed-files/issues/2011">#2011</a>) (<a href="https://github.com/tj-actions/changed-files/commit/f0e7702ccc35952acb83edeb7400b05c0a67e2be">f0e7702</a>)  - (Tonye Jack)</li>
    <li>Update to add the fork remote (<a href="https://github.com/tj-actions/changed-files/issues/2010">#2010</a>) (<a href="https://github.com/tj-actions/changed-files/commit/6354e6c5426d1e7c7a2d8a5887e26b535837958e">6354e6c</a>)  - (Tonye Jack)</li>
    <li>Check for setting remote urls for forks (<a href="https://github.com/tj-actions/changed-files/issues/2009">#2009</a>) (<a href="https://github.com/tj-actions/changed-files/commit/117616472fb771d9e030aa0c3741057ad520d9cf">1176164</a>)  - (Tonye Jack)</li>
    <li>Bug with prs from forks returning incorrect set of changed files (<a href="https://github.com/tj-actions/changed-files/issues/2007">#2007</a>) (<a href="https://github.com/tj-actions/changed-files/commit/4ff79362e5015d6d0c6c0050b3082c97a5b7e84a">4ff7936</a>)  - (Tonye Jack)</li>
    </ul>
    <h2>➖ Remove</h2>
    
    </blockquote>
    <p>... (truncated)</p>
    </details>
    <details>
    <summary>Commits</summary>
    <ul>
    <li><a href="https://github.com/tj-actions/changed-files/commit/635f118699dd888d737c15018cd30aff2e0274f8"><code>635f118</code></a> chore(deps): update dependency <code>@​types/node</code> to v20.12.7</li>
    <li><a href="https://github.com/tj-actions/changed-files/commit/634b61511ee053fabd2cfaaf72201ee2aba54a71"><code>634b615</code></a> chore(deps): update dependency <code>@​types/node</code> to v20.12.6</li>
    <li><a href="https://github.com/tj-actions/changed-files/commit/77fcf43160285ab257bfa4b0ef824674404bb585"><code>77fcf43</code></a> chore(deps): update typescript-eslint monorepo to v7.6.0</li>
    <li><a href="https://github.com/tj-actions/changed-files/commit/5f084a52a4aa792443ce2bbb4a91daa956a83c4f"><code>5f084a5</code></a> Added missing changes and modified dist assets.</li>
    <li><a href="https://github.com/tj-actions/changed-files/commit/ff2cb1b4f2d5b477f5e0720e406ebb59af963a5b"><code>ff2cb1b</code></a> chore(deps): lock file maintenance</li>
    <li><a href="https://github.com/tj-actions/changed-files/commit/5d5da31340cc6c5ce75e99ca8e5436aeda1c111f"><code>5d5da31</code></a> chore(deps): update dependency eslint-plugin-jest to v28.2.0</li>
    <li><a href="https://github.com/tj-actions/changed-files/commit/29bc0d3fd93da8b4eae1bc7568d193b2092baf9c"><code>29bc0d3</code></a> chore(deps): update dependency eslint-plugin-jest to v28.1.1</li>
    <li><a href="https://github.com/tj-actions/changed-files/commit/c9f9d5784e44a3f04e2995c42e6ca15f7c41374b"><code>c9f9d57</code></a> chore(deps): update dependency eslint-plugin-jest to v28 (<a href="https://github.com/tj-actions/changed-files/issues/2030">#2030</a>)</li>
    <li><a href="https://github.com/tj-actions/changed-files/commit/a4fba0109cdb1460d2d6a345cbe68883a3efec47"><code>a4fba01</code></a> chore(deps): update dependency <code>@​types/node</code> to v20.12.5</li>
    <li><a href="https://github.com/tj-actions/changed-files/commit/8a6546164ab50b552bf37a71eb624e115731c3ee"><code>8a65461</code></a> chore(deps): bump undici from 5.28.3 to 5.28.4 (<a href="https://github.com/tj-actions/changed-files/issues/2026">#2026</a>)</li>
    <li>Additional commits viewable in <a href="https://github.com/tj-actions/changed-files/compare/2d756ea4c53f7f6b397767d8723b3a10a9f35bf2...635f118699dd888d737c15018cd30aff2e0274f8">compare view</a></li>
    </ul>
    </details>
    <br />
    
    
    [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tj-actions/changed-files&package-manager=github_actions&previous-version=44.0.0&new-version=44.0.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
    
    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
    
    [//]: # (dependabot-automerge-start)
    [//]: # (dependabot-automerge-end)
    
    ---
    
    <details>
    <summary>Dependabot commands and options</summary>
    <br />
    
    You can trigger Dependabot actions by commenting on this PR:
    - `@dependabot rebase` will rebase this PR
    - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
    - `@dependabot merge` will merge this PR after your CI passes on it
    - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
    - `@dependabot cancel merge` will cancel a previously requested merge and block automerging
    - `@dependabot reopen` will reopen this PR if it is closed
    - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
    - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    
    
    </details>
    dependabot[bot] authored Apr 15, 2024
    Configuration menu
    Copy the full SHA
    df019dc View commit details
    Browse the repository at this point in the history
  2. feat: update L1 CloudFormation resource definitions (#29798)

    Updates the L1 CloudFormation resource definitions with the latest changes from `@aws-cdk/aws-service-spec`
    
    **L1 CloudFormation resource definition changes:**
    ```
    ├[~] service aws-amplify
    │ └ resources
    │    └[~] resource AWS::Amplify::Domain
    │      ├ properties
    │      │  ├[-] Certificate: Certificate
    │      │  └[-] UpdateStatus: string
    │      └ attributes
    │         ├[+] Certificate: Certificate
    │         └[+] UpdateStatus: string
    ├[~] service aws-appconfig
    │ └ resources
    │    ├[~] resource AWS::AppConfig::Application
    │    │ └  - documentation: The `AWS::AppConfig::Application` resource creates an application. In AWS AppConfig , an application is simply an organizational construct like a folder. This organizational construct has a relationship with some unit of executable code. For example, you could create an application called MyMobileApp to organize and manage configuration data for a mobile application installed by your users.
    │    │    AWS AppConfig requires that you create resources and deploy a configuration in the following order:
    │    │    - Create an application
    │    │    - Create an environment
    │    │    - Create a configuration profile
    │    │    - Create a deployment strategy
    │    │    - Deploy the configuration
    │    │    For more information, see [AWS AppConfig](https://docs.aws.amazon.com/appconfig/latest/userguide/what-is-appconfig.html) in the *AWS AppConfig User Guide* .
    │    │    + documentation: The `AWS::AppConfig::Application` resource creates an application. In AWS AppConfig , an application is simply an organizational construct like a folder. This organizational construct has a relationship with some unit of executable code. For example, you could create an application called MyMobileApp to organize and manage configuration data for a mobile application installed by your users.
    │    │    AWS AppConfig requires that you create resources and deploy a configuration in the following order:
    │    │    - Create an application
    │    │    - Create an environment
    │    │    - Create a configuration profile
    │    │    - Choose a pre-defined deployment strategy or create your own
    │    │    - Deploy the configuration
    │    │    For more information, see [AWS AppConfig](https://docs.aws.amazon.com/appconfig/latest/userguide/what-is-appconfig.html) in the *AWS AppConfig User Guide* .
    │    ├[~] resource AWS::AppConfig::ConfigurationProfile
    │    │ ├  - documentation: The `AWS::AppConfig::ConfigurationProfile` resource creates a configuration profile that enables AWS AppConfig to access the configuration source. Valid configuration sources include AWS Systems Manager (SSM) documents, SSM Parameter Store parameters, and Amazon S3 . A configuration profile includes the following information.
    │    │ │  - The Uri location of the configuration data.
    │    │ │  - The AWS Identity and Access Management ( IAM ) role that provides access to the configuration data.
    │    │ │  - A validator for the configuration data. Available validators include either a JSON Schema or the Amazon Resource Name (ARN) of an AWS Lambda function.
    │    │ │  AWS AppConfig requires that you create resources and deploy a configuration in the following order:
    │    │ │  - Create an application
    │    │ │  - Create an environment
    │    │ │  - Create a configuration profile
    │    │ │  - Create a deployment strategy
    │    │ │  - Deploy the configuration
    │    │ │  For more information, see [AWS AppConfig](https://docs.aws.amazon.com/appconfig/latest/userguide/what-is-appconfig.html) in the *AWS AppConfig User Guide* .
    │    │ │  + documentation: The `AWS::AppConfig::ConfigurationProfile` resource creates a configuration profile that enables AWS AppConfig to access the configuration source. Valid configuration sources include AWS Systems Manager (SSM) documents, SSM Parameter Store parameters, and Amazon S3 . A configuration profile includes the following information.
    │    │ │  - The Uri location of the configuration data.
    │    │ │  - The AWS Identity and Access Management ( IAM ) role that provides access to the configuration data.
    │    │ │  - A validator for the configuration data. Available validators include either a JSON Schema or the Amazon Resource Name (ARN) of an AWS Lambda function.
    │    │ │  AWS AppConfig requires that you create resources and deploy a configuration in the following order:
    │    │ │  - Create an application
    │    │ │  - Create an environment
    │    │ │  - Create a configuration profile
    │    │ │  - Choose a pre-defined deployment strategy or create your own
    │    │ │  - Deploy the configuration
    │    │ │  For more information, see [AWS AppConfig](https://docs.aws.amazon.com/appconfig/latest/userguide/what-is-appconfig.html) in the *AWS AppConfig User Guide* .
    │    │ └ attributes
    │    │    └ KmsKeyArn: (documentation changed)
    │    ├[~] resource AWS::AppConfig::Deployment
    │    │ ├  - documentation: The `AWS::AppConfig::Deployment` resource starts a deployment. Starting a deployment in AWS AppConfig calls the `StartDeployment` API action. This call includes the IDs of the AWS AppConfig application, the environment, the configuration profile, and (optionally) the configuration data version to deploy. The call also includes the ID of the deployment strategy to use, which determines how the configuration data is deployed.
    │    │ │  AWS AppConfig monitors the distribution to all hosts and reports status. If a distribution fails, then AWS AppConfig rolls back the configuration.
    │    │ │  AWS AppConfig requires that you create resources and deploy a configuration in the following order:
    │    │ │  - Create an application
    │    │ │  - Create an environment
    │    │ │  - Create a configuration profile
    │    │ │  - Create a deployment strategy
    │    │ │  - Deploy the configuration
    │    │ │  For more information, see [AWS AppConfig](https://docs.aws.amazon.com/appconfig/latest/userguide/what-is-appconfig.html) in the *AWS AppConfig User Guide* .
    │    │ │  + documentation: The `AWS::AppConfig::Deployment` resource starts a deployment. Starting a deployment in AWS AppConfig calls the `StartDeployment` API action. This call includes the IDs of the AWS AppConfig application, the environment, the configuration profile, and (optionally) the configuration data version to deploy. The call also includes the ID of the deployment strategy to use, which determines how the configuration data is deployed.
    │    │ │  AWS AppConfig monitors the distribution to all hosts and reports status. If a distribution fails, then AWS AppConfig rolls back the configuration.
    │    │ │  AWS AppConfig requires that you create resources and deploy a configuration in the following order:
    │    │ │  - Create an application
    │    │ │  - Create an environment
    │    │ │  - Create a configuration profile
    │    │ │  - Choose a pre-defined deployment strategy or create your own
    │    │ │  - Deploy the configuration
    │    │ │  For more information, see [AWS AppConfig](https://docs.aws.amazon.com/appconfig/latest/userguide/what-is-appconfig.html) in the *AWS AppConfig User Guide* .
    │    │ ├ properties
    │    │ │  └ DynamicExtensionParameters: (documentation changed)
    │    │ └ types
    │    │    └[~] type DynamicExtensionParameters
    │    │      ├  - documentation: undefined
    │    │      │  + documentation: A map of dynamic extension parameter names to values to pass to associated extensions with `PRE_START_DEPLOYMENT` actions.
    │    │      └ properties
    │    │         ├ ExtensionReference: (documentation changed)
    │    │         ├ ParameterName: (documentation changed)
    │    │         └ ParameterValue: (documentation changed)
    │    ├[~] resource AWS::AppConfig::DeploymentStrategy
    │    │ ├  - documentation: The `AWS::AppConfig::DeploymentStrategy` resource creates an AWS AppConfig deployment strategy. A deployment strategy defines important criteria for rolling out your configuration to the designated targets. A deployment strategy includes: the overall duration required, a percentage of targets to receive the deployment during each interval, an algorithm that defines how percentage grows, and bake time.
    │    │ │  AWS AppConfig requires that you create resources and deploy a configuration in the following order:
    │    │ │  - Create an application
    │    │ │  - Create an environment
    │    │ │  - Create a configuration profile
    │    │ │  - Create a deployment strategy
    │    │ │  - Deploy the configuration
    │    │ │  For more information, see [AWS AppConfig](https://docs.aws.amazon.com/appconfig/latest/userguide/what-is-appconfig.html) in the *AWS AppConfig User Guide* .
    │    │ │  + documentation: The `AWS::AppConfig::DeploymentStrategy` resource creates an AWS AppConfig deployment strategy. A deployment strategy defines important criteria for rolling out your configuration to the designated targets. A deployment strategy includes: the overall duration required, a percentage of targets to receive the deployment during each interval, an algorithm that defines how percentage grows, and bake time.
    │    │ │  AWS AppConfig requires that you create resources and deploy a configuration in the following order:
    │    │ │  - Create an application
    │    │ │  - Create an environment
    │    │ │  - Create a configuration profile
    │    │ │  - Choose a pre-defined deployment strategy or create your own
    │    │ │  - Deploy the configuration
    │    │ │  For more information, see [AWS AppConfig](https://docs.aws.amazon.com/appconfig/latest/userguide/what-is-appconfig.html) in the *AWS AppConfig User Guide* .
    │    │ └ attributes
    │    │    └ Id: (documentation changed)
    │    ├[~] resource AWS::AppConfig::Environment
    │    │ └  - documentation: The `AWS::AppConfig::Environment` resource creates an environment, which is a logical deployment group of AWS AppConfig targets, such as applications in a `Beta` or `Production` environment. You define one or more environments for each AWS AppConfig application. You can also define environments for application subcomponents such as the `Web` , `Mobile` and `Back-end` components for your application. You can configure Amazon CloudWatch alarms for each environment. The system monitors alarms during a configuration deployment. If an alarm is triggered, the system rolls back the configuration.
    │    │    AWS AppConfig requires that you create resources and deploy a configuration in the following order:
    │    │    - Create an application
    │    │    - Create an environment
    │    │    - Create a configuration profile
    │    │    - Create a deployment strategy
    │    │    - Deploy the configuration
    │    │    For more information, see [AWS AppConfig](https://docs.aws.amazon.com/appconfig/latest/userguide/what-is-appconfig.html) in the *AWS AppConfig User Guide* .
    │    │    + documentation: The `AWS::AppConfig::Environment` resource creates an environment, which is a logical deployment group of AWS AppConfig targets, such as applications in a `Beta` or `Production` environment. You define one or more environments for each AWS AppConfig application. You can also define environments for application subcomponents such as the `Web` , `Mobile` and `Back-end` components for your application. You can configure Amazon CloudWatch alarms for each environment. The system monitors alarms during a configuration deployment. If an alarm is triggered, the system rolls back the configuration.
    │    │    AWS AppConfig requires that you create resources and deploy a configuration in the following order:
    │    │    - Create an application
    │    │    - Create an environment
    │    │    - Create a configuration profile
    │    │    - Choose a pre-defined deployment strategy or create your own
    │    │    - Deploy the configuration
    │    │    For more information, see [AWS AppConfig](https://docs.aws.amazon.com/appconfig/latest/userguide/what-is-appconfig.html) in the *AWS AppConfig User Guide* .
    │    └[~] resource AWS::AppConfig::Extension
    │      └ types
    │         └[~] type Action
    │           ├  - documentation: An action defines the tasks that the extension performs during the AWS AppConfig workflow. Each action includes an action point such as `ON_CREATE_HOSTED_CONFIGURATION` , `PRE_DEPLOYMENT` , or `ON_DEPLOYMENT` . Each action also includes a name, a URI to an AWS Lambda function, and an Amazon Resource Name (ARN) for an AWS Identity and Access Management assume role. You specify the name, URI, and ARN for each *action point* defined in the extension. You can specify the following actions for an extension:
    │           │  - `PRE_CREATE_HOSTED_CONFIGURATION_VERSION`
    │           │  - `PRE_START_DEPLOYMENT`
    │           │  - `ON_DEPLOYMENT_START`
    │           │  - `ON_DEPLOYMENT_STEP`
    │           │  - `ON_DEPLOYMENT_BAKING`
    │           │  - `ON_DEPLOYMENT_COMPLETE`
    │           │  - `ON_DEPLOYMENT_ROLLED_BACK`
    │           │  + documentation: The actions defined in the extension.
    │           └ properties
    │              └ Description: (documentation changed)
    ├[~] service aws-apprunner
    │ └ resources
    │    └[~] resource AWS::AppRunner::VpcConnector
    │      └ properties
    │         └ Tags: (documentation changed)
    ├[~] service aws-aps
    │ └ resources
    │    ├[~] resource AWS::APS::RuleGroupsNamespace
    │    │ └ properties
    │    │    └ Workspace: (documentation changed)
    │    └[~] resource AWS::APS::Scraper
    │      ├  - documentation: Resource Type definition for AWS::APS::Scraper
    │      │  + documentation: A scraper is a fully-managed agentless collector that discovers and pulls metrics automatically. A scraper pulls metrics from Prometheus-compatible sources within an Amazon EKS cluster, and sends them to your Amazon Managed Service for Prometheus workspace. Scrapers are flexible. You can configure the scraper to control what metrics are collected, the frequency of collection, what transformations are applied to the metrics, and more.
    │      │  An IAM role will be created for you that Amazon Managed Service for Prometheus uses to access the metrics in your cluster. You must configure this role with a policy that allows it to scrape metrics from your cluster. For more information, see [Configuring your Amazon EKS cluster](https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-collector-how-to.html#AMP-collector-eks-setup) in the *Amazon Managed Service for Prometheus User Guide* .
    │      │  The `scrapeConfiguration` parameter contains the YAML configuration for the scraper.
    │      │  > For more information about collectors, including what metrics are collected, and how to configure the scraper, see [Using an AWS managed collector](https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-collector-how-to.html) in the *Amazon Managed Service for Prometheus User Guide* .
    │      ├ properties
    │      │  ├ Alias: (documentation changed)
    │      │  ├ Destination: (documentation changed)
    │      │  ├ ScrapeConfiguration: (documentation changed)
    │      │  ├ Source: (documentation changed)
    │      │  └ Tags: (documentation changed)
    │      ├ attributes
    │      │  ├ Arn: (documentation changed)
    │      │  ├ RoleArn: (documentation changed)
    │      │  └ ScraperId: (documentation changed)
    │      └ types
    │         ├[~] type AmpConfiguration
    │         │ ├  - documentation: Configuration for Amazon Managed Prometheus metrics destination
    │         │ │  + documentation: The `AmpConfiguration` structure defines the Amazon Managed Service for Prometheus instance a scraper should send metrics to.
    │         │ └ properties
    │         │    └ WorkspaceArn: (documentation changed)
    │         ├[~] type Destination
    │         │ ├  - documentation: Scraper metrics destination
    │         │ │  + documentation: Where to send the metrics from a scraper.
    │         │ └ properties
    │         │    └ AmpConfiguration: (documentation changed)
    │         ├[~] type EksConfiguration
    │         │ ├  - documentation: Configuration for EKS metrics source
    │         │ │  + documentation: The `EksConfiguration` structure describes the connection to the Amazon EKS cluster from which a scraper collects metrics.
    │         │ └ properties
    │         │    ├ ClusterArn: (documentation changed)
    │         │    ├ SecurityGroupIds: (documentation changed)
    │         │    └ SubnetIds: (documentation changed)
    │         ├[~] type ScrapeConfiguration
    │         │ ├  - documentation: Scraper configuration
    │         │ │  + documentation: A scrape configuration for a scraper, base 64 encoded. For more information, see [Scraper configuration](https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-collector-how-to.html#AMP-collector-configuration) in the *Amazon Managed Service for Prometheus User Guide* .
    │         │ └ properties
    │         │    └ ConfigurationBlob: (documentation changed)
    │         └[~] type Source
    │           ├  - documentation: Scraper metrics source
    │           │  + documentation: The source of collected metrics for a scraper.
    │           └ properties
    │              └ EksConfiguration: (documentation changed)
    ├[~] service aws-b2bi
    │ └ resources
    │    ├[~] resource AWS::B2BI::Capability
    │    │ └ types
    │    │    └[~] type X12Details
    │    │      └ properties
    │    │         └ Version: (documentation changed)
    │    └[~] resource AWS::B2BI::Transformer
    │      └ types
    │         └[~] type X12Details
    │           └ properties
    │              └ Version: (documentation changed)
    ├[~] service aws-backup
    │ └ resources
    │    ├[~] resource AWS::Backup::BackupVault
    │    │ └ properties
    │    │    └ BackupVaultTags: (documentation changed)
    │    ├[~] resource AWS::Backup::Framework
    │    │ └ properties
    │    │    └ FrameworkTags: (documentation changed)
    │    ├[~] resource AWS::Backup::RestoreTestingPlan
    │    │ └ types
    │    │    └[~] type RestoreTestingRecoveryPointSelection
    │    │      ├  - documentation: Required: Algorithm; Required: Recovery point types; IncludeVaults(one or more). Optional: SelectionWindowDays ('30' if not specified);ExcludeVaults (list of selectors), defaults to empty list if not listed.
    │    │      │  + documentation: `RecoveryPointSelection` has five parameters (three required and two optional). The values you specify determine which recovery point is included in the restore test. You must indicate with `Algorithm` if you want the latest recovery point within your `SelectionWindowDays` or if you want a random recovery point, and you must indicate through `IncludeVaults` from which vaults the recovery points can be chosen.
    │    │      │  `Algorithm` ( *required* ) Valid values: " `LATEST_WITHIN_WINDOW` " or " `RANDOM_WITHIN_WINDOW` ".
    │    │      │  `Recovery point types` ( *required* ) Valid values: " `SNAPSHOT` " and/or " `CONTINUOUS` ". Include `SNAPSHOT` to restore only snapshot recovery points; include `CONTINUOUS` to restore continuous recovery points (point in time restore / PITR); use both to restore either a snapshot or a continuous recovery point. The recovery point will be determined by the value for `Algorithm` .
    │    │      │  `IncludeVaults` ( *required* ). You must include one or more backup vaults. Use the wildcard ["*"] or specific ARNs.
    │    │      │  `SelectionWindowDays` ( *optional* ) Value must be an integer (in days) from 1 to 365. If not included, the value defaults to `30` .
    │    │      │  `ExcludeVaults` ( *optional* ). You can choose to input one or more specific backup vault ARNs to exclude those vaults' contents from restore eligibility. Or, you can include a list of selectors. If this parameter and its value are not included, it defaults to empty list.
    │    │      └ properties
    │    │         └ RecoveryPointTypes: (documentation changed)
    │    └[~] resource AWS::Backup::RestoreTestingSelection
    │      └ types
    │         └[~] type KeyValue
    │           └ properties
    │              ├ Key: (documentation changed)
    │              └ Value: (documentation changed)
    ├[~] service aws-batch
    │ └ resources
    │    └[~] resource AWS::Batch::JobDefinition
    │      └ types
    │         ├[+] type ImagePullSecret
    │         │ ├  name: ImagePullSecret
    │         │ └ properties
    │         │    └Name: string (required)
    │         ├[~] type PodProperties
    │         │ └ properties
    │         │    └[+] ImagePullSecrets: Array<ImagePullSecret>
    │         └[~] type SecurityContext
    │           └ properties
    │              └[+] AllowPrivilegeEscalation: boolean
    ├[+] service aws-bcmdataexports
    │ ├  capitalized: BCMDataExports
    │ │  cloudFormationNamespace: AWS::BCMDataExports
    │ │  name: aws-bcmdataexports
    │ │  shortName: bcmdataexports
    │ └ resources
    │    └resource AWS::BCMDataExports::Export
    │     ├  name: Export
    │     │  cloudFormationType: AWS::BCMDataExports::Export
    │     │  documentation: Creates a data export and specifies the data query, the delivery preference, and any optional resource tags.
    │     │  A `DataQuery` consists of both a `QueryStatement` and `TableConfigurations` .
    │     │  The `QueryStatement` is an SQL statement. Data Exports only supports a limited subset of the SQL syntax. For more information on the SQL syntax that is supported, see [Data query](https://docs.aws.amazon.com/cur/latest/userguide/de-data-query.html) . To view the available tables and columns, see the [Data Exports table dictionary](https://docs.aws.amazon.com/cur/latest/userguide/de-table-dictionary.html) .
    │     │  The `TableConfigurations` is a collection of specified `TableProperties` for the table being queried in the `QueryStatement` . TableProperties are additional configurations you can provide to change the data and schema of a table. Each table can have different TableProperties. However, tables are not required to have any TableProperties. Each table property has a default value that it assumes if not specified. For more information on table configurations, see [Data query](https://docs.aws.amazon.com/cur/latest/userguide/de-data-query.html) . To view the table properties available for each table, see the [Data Exports table dictionary](https://docs.aws.amazon.com/cur/latest/userguide/de-table-dictionary.html) or use the `ListTables` API to get a response of all tables and their available properties.
    │     │  tagInformation: {"tagPropertyName":"Tags","variant":"standard"}
    │     ├ properties
    │     │  ├Export: Export (required)
    │     │  └Tags: Array<ResourceTag>
    │     ├ attributes
    │     │  └ExportArn: string
    │     └ types
    │        ├type Export
    │        │├  documentation: The details that are available for an export.
    │        ││  name: Export
    │        │└ properties
    │        │   ├ExportArn: string
    │        │   ├Name: string (required, immutable)
    │        │   ├Description: string
    │        │   ├DataQuery: DataQuery (required)
    │        │   ├DestinationConfigurations: DestinationConfigurations (required)
    │        │   └RefreshCadence: RefreshCadence (required, immutable)
    │        ├type DataQuery
    │        │├  documentation: The SQL query of column selections and row filters from the data table you want.
    │        ││  name: DataQuery
    │        │└ properties
    │        │   ├QueryStatement: string (required)
    │        │   └TableConfigurations: Map<string, Map<string, string>> (immutable)
    │        ├type DestinationConfigurations
    │        │├  documentation: The destinations used for data exports.
    │        ││  name: DestinationConfigurations
    │        │└ properties
    │        │   └S3Destination: S3Destination (required)
    │        ├type S3Destination
    │        │├  documentation: Describes the destination Amazon Simple Storage Service (Amazon S3) bucket name and object keys of a data exports file.
    │        ││  name: S3Destination
    │        │└ properties
    │        │   ├S3Bucket: string (required)
    │        │   ├S3Prefix: string (required)
    │        │   ├S3Region: string (required)
    │        │   └S3OutputConfigurations: S3OutputConfigurations (required)
    │        ├type S3OutputConfigurations
    │        │├  documentation: The compression type, file format, and overwrite preference for the data export.
    │        ││  name: S3OutputConfigurations
    │        │└ properties
    │        │   ├OutputType: string (required)
    │        │   ├Format: string (required)
    │        │   ├Compression: string (required)
    │        │   └Overwrite: string (required)
    │        ├type RefreshCadence
    │        │├  documentation: The cadence for AWS to update the data export in your S3 bucket.
    │        ││  name: RefreshCadence
    │        │└ properties
    │        │   └Frequency: string (required)
    │        └type ResourceTag
    │         ├  documentation: The tag structure that contains a tag key and value.
    │         │  name: ResourceTag
    │         └ properties
    │            ├Key: string (required)
    │            └Value: string (required)
    ├[+] service aws-bedrock
    │ ├  capitalized: Bedrock
    │ │  cloudFormationNamespace: AWS::Bedrock
    │ │  name: aws-bedrock
    │ │  shortName: bedrock
    │ └ resources
    │    ├resource AWS::Bedrock::Agent
    │    │├  name: Agent
    │    ││  cloudFormationType: AWS::Bedrock::Agent
    │    ││  documentation: Specifies an agent as a resource in a top-level template. Minimally, you must specify the following properties:
    │    ││  - AgentName – Specify a name for the agent.
    │    ││  - AgentResourceRoleArn – Specify the Amazon Resource Name (ARN) of the service role with permissions to invoke API operations on the agent. For more information, see [Create a service role for Agents for Amazon Bedrock](https://docs.aws.amazon.com/bedrock/latest/userguide/agents-permissions.html) .
    │    ││  - FoundationModel – Specify the model ID of a foundation model to use when invoking the agent. For more information, see [Supported regions and models for Agents for Amazon Bedrock](https://docs.aws.amazon.com//bedrock/latest/userguide/agents-supported.html) .
    │    ││  For more information about using agents in Amazon Bedrock , see [Agents for Amazon Bedrock](https://docs.aws.amazon.com/bedrock/latest/userguide/agents.html) .
    │    ││  See the *Properties* section below for descriptions of both the required and optional properties.
    │    ││  tagInformation: {"tagPropertyName":"Tags","variant":"map"}
    │    │├ properties
    │    ││  ├ActionGroups: Array<AgentActionGroup>
    │    ││  ├AgentName: string (required)
    │    ││  ├AgentResourceRoleArn: string
    │    ││  ├AutoPrepare: boolean (default=false)
    │    ││  ├CustomerEncryptionKeyArn: string
    │    ││  ├SkipResourceInUseCheckOnDelete: boolean (default=false)
    │    ││  ├Description: string
    │    ││  ├FoundationModel: string
    │    ││  ├IdleSessionTTLInSeconds: number
    │    ││  ├Instruction: string
    │    ││  ├KnowledgeBases: Array<AgentKnowledgeBase>
    │    ││  ├PromptOverrideConfiguration: PromptOverrideConfiguration
    │    ││  └Tags: Map<string, string>
    │    │├ attributes
    │    ││  ├AgentArn: string
    │    ││  ├AgentId: string
    │    ││  ├AgentStatus: string
    │    ││  ├AgentVersion: string
    │    ││  ├CreatedAt: string
    │    ││  ├FailureReasons: Array<string>
    │    ││  ├PreparedAt: string
    │    ││  ├RecommendedActions: Array<string>
    │    ││  └UpdatedAt: string
    │    │└ types
    │    │   ├type AgentActionGroup
    │    │   │├  documentation: Contains details about an action group.
    │    │   ││  name: AgentActionGroup
    │    │   │└ properties
    │    │   │   ├ActionGroupName: string (required)
    │    │   │   ├Description: string
    │    │   │   ├ParentActionGroupSignature: string
    │    │   │   ├ActionGroupExecutor: ActionGroupExecutor
    │    │   │   ├ApiSchema: APISchema
    │    │   │   ├ActionGroupState: string
    │    │   │   └SkipResourceInUseCheckOnDelete: boolean (default=false)
    │    │   ├type ActionGroupExecutor
    │    │   │├  documentation: Contains details about the Lambda function containing the business logic that is carried out upon invoking the action.
    │    │   ││  name: ActionGroupExecutor
    │    │   │└ properties
    │    │   │   └Lambda: string (required)
    │    │   ├type APISchema
    │    │   │├  documentation: Contains details about the OpenAPI schema for the action group. For more information, see [Action group OpenAPI schemas](https://docs.aws.amazon.com/bedrock/latest/userguide/agents-api-schema.html) . You can either include the schema directly in the `payload` field or you can upload it to an S3 bucket and specify the S3 bucket location in the `s3` field.
    │    │   ││  name: APISchema
    │    │   │└ properties
    │    │   │   ├S3: S3Identifier
    │    │   │   └Payload: string
    │    │   ├type S3Identifier
    │    │   │├  documentation: Contains information about the S3 object containing the resource.
    │    │   ││  name: S3Identifier
    │    │   │└ properties
    │    │   │   ├S3BucketName: string
    │    │   │   └S3ObjectKey: string
    │    │   ├type AgentKnowledgeBase
    │    │   │├  documentation: Contains details about a knowledge base that is associated with an agent.
    │    │   ││  name: AgentKnowledgeBase
    │    │   │└ properties
    │    │   │   ├KnowledgeBaseId: string (required)
    │    │   │   ├Description: string (required)
    │    │   │   └KnowledgeBaseState: string
    │    │   ├type PromptOverrideConfiguration
    │    │   │├  documentation: Contains configurations to override prompts in different parts of an agent sequence. For more information, see [Advanced prompts](https://docs.aws.amazon.com/bedrock/latest/userguide/advanced-prompts.html) .
    │    │   ││  name: PromptOverrideConfiguration
    │    │   │└ properties
    │    │   │   ├PromptConfigurations: Array<PromptConfiguration> (required)
    │    │   │   └OverrideLambda: string
    │    │   ├type PromptConfiguration
    │    │   │├  documentation: Contains configurations to override a prompt template in one part of an agent sequence. For more information, see [Advanced prompts](https://docs.aws.amazon.com/bedrock/latest/userguide/advanced-prompts.html) .
    │    │   ││  name: PromptConfiguration
    │    │   │└ properties
    │    │   │   ├PromptType: string
    │    │   │   ├PromptCreationMode: string
    │    │   │   ├PromptState: string
    │    │   │   ├BasePromptTemplate: string
    │    │   │   ├InferenceConfiguration: InferenceConfiguration
    │    │   │   └ParserMode: string
    │    │   └type InferenceConfiguration
    │    │    ├  documentation: Contains inference parameters to use when the agent invokes a foundation model in the part of the agent sequence defined by the `promptType` . For more information, see [Inference parameters for foundation models](https://docs.aws.amazon.com/bedrock/latest/userguide/model-parameters.html) .
    │    │    │  name: InferenceConfiguration
    │    │    └ properties
    │    │       ├Temperature: number
    │    │       ├TopP: number
    │    │       ├TopK: number
    │    │       ├MaximumLength: number
    │    │       └StopSequences: Array<string>
    │    ├resource AWS::Bedrock::AgentAlias
    │    │├  name: AgentAlias
    │    ││  cloudFormationType: AWS::Bedrock::AgentAlias
    │    ││  documentation: Specifies an agent alias as a resource in a top-level template. Minimally, you must specify the following properties:
    │    ││  - AgentAliasName – Specify a name for the alias.
    │    ││  For more information about creating aliases for an agent in Amazon Bedrock , see [Deploy an Amazon Bedrock agent](https://docs.aws.amazon.com/bedrock/latest/userguide/agents-deploy.html) .
    │    ││  See the *Properties* section below for descriptions of both the required and optional properties.
    │    ││  tagInformation: {"tagPropertyName":"Tags","variant":"map"}
    │    │├ properties
    │    ││  ├AgentAliasName: string (required)
    │    ││  ├AgentId: string (required, immutable)
    │    ││  ├Description: string
    │    ││  ├RoutingConfiguration: Array<AgentAliasRoutingConfigurationListItem>
    │    ││  └Tags: Map<string, string>
    │    │├ attributes
    │    ││  ├AgentAliasArn: string
    │    ││  ├AgentAliasHistoryEvents: Array<AgentAliasHistoryEvent>
    │    ││  ├AgentAliasId: string
    │    ││  ├AgentAliasStatus: string
    │    ││  ├CreatedAt: string
    │    ││  └UpdatedAt: string
    │    │└ types
    │    │   ├type AgentAliasHistoryEvent
    │    │   │├  documentation: Contains details about the history of the alias.
    │    │   ││  name: AgentAliasHistoryEvent
    │    │   │└ properties
    │    │   │   ├RoutingConfiguration: Array<AgentAliasRoutingConfigurationListItem>
    │    │   │   ├EndDate: string
    │    │   │   └StartDate: string
    │    │   └type AgentAliasRoutingConfigurationListItem
    │    │    ├  documentation: Contains details about the routing configuration of the alias.
    │    │    │  name: AgentAliasRoutingConfigurationListItem
    │    │    └ properties
    │    │       └AgentVersion: string (required)
    │    ├resource AWS::Bedrock::DataSource
    │    │├  name: DataSource
    │    ││  cloudFormationType: AWS::Bedrock::DataSource
    │    ││  documentation: Specifies a data source as a resource in a top-level template. Minimally, you must specify the following properties:
    │    ││  - Name – Specify a name for the data source.
    │    ││  - KnowledgeBaseId – Specify the ID of the knowledge base for the data source to belong to.
    │    ││  - DataSourceConfiguration – Specify information about the Amazon S3 bucket containing the data source. The following sub-properties are required:
    │    ││  - Type – Specify the value `S3` .
    │    ││  For more information about setting up data sources in Amazon Bedrock , see [Set up a data source for your knowledge base](https://docs.aws.amazon.com/bedrock/latest/userguide/knowledge-base-ds.html) .
    │    ││  See the *Properties* section below for descriptions of both the required and optional properties.
    │    │├ properties
    │    ││  ├DataSourceConfiguration: DataSourceConfiguration (required)
    │    ││  ├Description: string
    │    ││  ├KnowledgeBaseId: string (required, immutable)
    │    ││  ├Name: string (required)
    │    ││  ├ServerSideEncryptionConfiguration: ServerSideEncryptionConfiguration
    │    ││  └VectorIngestionConfiguration: VectorIngestionConfiguration (immutable)
    │    │├ attributes
    │    ││  ├DataSourceId: string
    │    ││  ├DataSourceStatus: string
    │    ││  ├CreatedAt: string
    │    ││  └UpdatedAt: string
    │    │└ types
    │    │   ├type DataSourceConfiguration
    │    │   │├  documentation: Contains details about how a data source is stored.
    │    │   ││  name: DataSourceConfiguration
    │    │   │└ properties
    │    │   │   ├Type: string (required)
    │    │   │   └S3Configuration: S3DataSourceConfiguration (required)
    │    │   ├type S3DataSourceConfiguration
    │    │   │├  documentation: Contains information about the S3 configuration of the data source.
    │    │   ││  name: S3DataSourceConfiguration
    │    │   │└ properties
    │    │   │   ├BucketArn: string (required)
    │    │   │   └InclusionPrefixes: Array<string>
    │    │   ├type ServerSideEncryptionConfiguration
    │    │   │├  documentation: Contains the configuration for server-side encryption.
    │    │   ││  name: ServerSideEncryptionConfiguration
    │    │   │└ properties
    │    │   │   └KmsKeyArn: string
    │    │   ├type VectorIngestionConfiguration
    │    │   │├  documentation: Contains details about how to ingest the documents in a data source.
    │    │   ││  name: VectorIngestionConfiguration
    │    │   │└ properties
    │    │   │   └ChunkingConfiguration: ChunkingConfiguration
    │    │   ├type ChunkingConfiguration
    │    │   │├  documentation: Details about how to chunk the documents in the data source. A *chunk* refers to an excerpt from a data source that is returned when the knowledge base that it belongs to is queried.
    │    │   ││  name: ChunkingConfiguration
    │    │   │└ properties
    │    │   │   ├ChunkingStrategy: string (required)
    │    │   │   └FixedSizeChunkingConfiguration: FixedSizeChunkingConfiguration
    │    │   └type FixedSizeChunkingConfiguration
    │    │    ├  documentation: Configurations for when you choose fixed-size chunking. If you set the `chunkingStrategy` as `NONE` , exclude this field.
    │    │    │  name: FixedSizeChunkingConfiguration
    │    │    └ properties
    │    │       ├MaxTokens: integer (required)
    │    │       └OverlapPercentage: integer (required)
    │    └resource AWS::Bedrock::KnowledgeBase
    │     ├  name: KnowledgeBase
    │     │  cloudFormationType: AWS::Bedrock::KnowledgeBase
    │     │  documentation: Specifies a knowledge base as a resource in a top-level template. Minimally, you must specify the following properties:
    │     │  - Name – Specify a name for the knowledge base.
    │     │  - RoleArn – Specify the Amazon Resource Name (ARN) of the IAM role with permissions to invoke API operations on the knowledge base. For more information, see [Create a service role for Knowledge base for Amazon Bedrock](https://docs.aws.amazon.com/bedrock/latest/userguide/kb-permissions.html) .
    │     │  - KnowledgeBaseConfiguration – Specify the embeddings configuration of the knowledge base. The following sub-properties are required:
    │     │  - Type – Specify the value `VECTOR` .
    │     │  - StorageConfiguration – Specify information about the vector store in which the data source is stored. The following sub-properties are required:
    │     │  - Type – Specify the vector store service that you are using.
    │     │  > Redis Enterprise Cloud vector stores are currently unsupported in AWS CloudFormation .
    │     │  For more information about using knowledge bases in Amazon Bedrock , see [Knowledge base for Amazon Bedrock](https://docs.aws.amazon.com/bedrock/latest/userguide/knowledge-base.html) .
    │     │  See the *Properties* section below for descriptions of both the required and optional properties.
    │     │  tagInformation: {"tagPropertyName":"Tags","variant":"map"}
    │     ├ properties
    │     │  ├Description: string
    │     │  ├KnowledgeBaseConfiguration: KnowledgeBaseConfiguration (required, immutable)
    │     │  ├Name: string (required)
    │     │  ├RoleArn: string (required)
    │     │  └Tags: Map<string, string>
    │     ├ attributes
    │     │  ├KnowledgeBaseId: string
    │     │  ├KnowledgeBaseArn: string
    │     │  ├CreatedAt: string
    │     │  ├UpdatedAt: string
    │     │  ├FailureReasons: Array<string>
    │     │  └Status: string
    │     └ types
    │        ├type KnowledgeBaseConfiguration
    │        │├  documentation: Contains details about the embeddings configuration of the knowledge base.
    │        ││  name: KnowledgeBaseConfiguration
    │        │└ properties
    │        │   ├Type: string (required)
    │        │   └VectorKnowledgeBaseConfiguration: VectorKnowledgeBaseConfiguration (required)
    │        └type VectorKnowledgeBaseConfiguration
    │         ├  documentation: Contains details about the model used to create vector embeddings for the knowledge base.
    │         │  name: VectorKnowledgeBaseConfiguration
    │         └ properties
    │            └EmbeddingModelArn: string (required)
    ├[~] service aws-chatbot
    │ └ resources
    │    └[~] resource AWS::Chatbot::MicrosoftTeamsChannelConfiguration
    │      └ properties
    │         └ TeamsChannelId: (documentation changed)
    ├[~] service aws-cleanrooms
    │ └ resources
    │    ├[~] resource AWS::CleanRooms::ConfiguredTable
    │    │ └ types
    │    │    └[~] type DifferentialPrivacy
    │    │      ├  - documentation: undefined
    │    │      │  + documentation: The analysis method for the configured tables. The only valid value is currently `DIRECT_QUERY`.
    │    │      └ properties
    │    │         └ Columns: (documentation changed)
    │    └[+] resource AWS::CleanRooms::PrivacyBudgetTemplate
    │      ├  name: PrivacyBudgetTemplate
    │      │  cloudFormationType: AWS::CleanRooms::PrivacyBudgetTemplate
    │      │  documentation: An object that defines the privacy budget template.
    │      │  tagInformation: {"tagPropertyName":"Tags","variant":"standard"}
    │      ├ properties
    │      │  ├Tags: Array<tag>
    │      │  ├AutoRefresh: string (required, immutable)
    │      │  ├PrivacyBudgetType: string (required, immutable)
    │      │  ├Parameters: Parameters (required)
    │      │  └MembershipIdentifier: string (required, immutable)
    │      ├ attributes
    │      │  ├CollaborationArn: string
    │      │  ├CollaborationIdentifier: string
    │      │  ├PrivacyBudgetTemplateIdentifier: string
    │      │  ├Arn: string
    │      │  └MembershipArn: string
    │      └ types
    │         └type Parameters
    │          ├  documentation: Specifies the epislon and noise parameters for the privacy budget template.
    │          │  name: Parameters
    │          └ properties
    │             ├Epsilon: integer (required)
    │             └UsersNoisePerQuery: integer (required)
    ├[+] service aws-cleanroomsml
    │ ├  capitalized: CleanRoomsML
    │ │  cloudFormationNamespace: AWS::CleanRoomsML
    │ │  name: aws-cleanroomsml
    │ │  shortName: cleanroomsml
    │ └ resources
    │    └resource AWS::CleanRoomsML::TrainingDataset
    │     ├  name: TrainingDataset
    │     │  cloudFormationType: AWS::CleanRoomsML::TrainingDataset
    │     │  documentation: Defines the information necessary to create a training dataset. In Clean Rooms ML, the `TrainingDataset` is metadata that points to a Glue table, which is read only during `AudienceModel` creation.
    │     │  tagInformation: {"tagPropertyName":"Tags","variant":"standard"}
    │     ├ properties
    │     │  ├Description: string (immutable)
    │     │  ├Name: string (required, immutable)
    │     │  ├RoleArn: string (required, immutable)
    │     │  ├Tags: Array<tag>
    │     │  └TrainingData: Array<Dataset> (required, immutable)
    │     ├ attributes
    │     │  ├Status: string
    │     │  └TrainingDatasetArn: string
    │     └ types
    │        ├type Dataset
    │        │├  documentation: Defines where the training dataset is located, what type of data it contains, and how to access the data.
    │        ││  name: Dataset
    │        │└ properties
    │        │   ├Type: string (required)
    │        │   └InputConfig: DatasetInputConfig (required)
    │        ├type DatasetInputConfig
    │        │├  documentation: Defines the Glue data source and schema mapping information.
    │        ││  name: DatasetInputConfig
    │        │└ properties
    │        │   ├Schema: Array<ColumnSchema> (required)
    │        │   └DataSource: DataSource (required)
    │        ├type ColumnSchema
    │        │├  documentation: Metadata for a column.
    │        ││  name: ColumnSchema
    │        │└ properties
    │        │   ├ColumnName: string (required)
    │        │   └ColumnTypes: Array<string> (required)
    │        ├type DataSource
    │        │├  documentation: Defines information about the Glue data source that contains the training data.
    │        ││  name: DataSource
    │        │└ properties
    │        │   └GlueDataSource: GlueDataSource (required)
    │        └type GlueDataSource
    │         ├  documentation: Defines the Glue data source that contains the training data.
    │         │  name: GlueDataSource
    │         └ properties
    │            ├TableName: string (required)
    │            ├DatabaseName: string (required)
    │            └CatalogId: string
    ├[~] service aws-cloudtrail
    │ └ resources
    │    ├[~] resource AWS::CloudTrail::EventDataStore
    │    │ └ properties
    │    │    └ AdvancedEventSelectors: (documentation changed)
    │    └[~] resource AWS::CloudTrail::Trail
    │      └ properties
    │         ├ S3BucketName: (documentation changed)
    │         └ S3KeyPrefix: (documentation changed)
    ├[~] service aws-cloudwatch
    │ └ resources
    │    ├[~] resource AWS::CloudWatch::Alarm
    │    │ ├  - tagInformation: undefined
    │    │ │  + tagInformation: {"tagPropertyName":"Tags","variant":"standard"}
    │    │ └ properties
    │    │    └[+] Tags: Array<tag>
    │    ├[~] resource AWS::CloudWatch::AnomalyDetector
    │    │ └ types
    │    │    └[~] type SingleMetricAnomalyDetector
    │    │      └ properties
    │    │         └ AccountId: (documentation changed)
    │    └[~] resource AWS::CloudWatch::CompositeAlarm
    │      ├  - documentation: The `AWS::CloudWatch::CompositeAlarm` type creates or updates a composite alarm. When you create a composite alarm, you specify a rule expression for the alarm that takes into account the alarm states of other alarms that you have created. The composite alarm goes into ALARM state only if all conditions of the rule are met.
    │      │  The alarms specified in a composite alarm's rule expression can include metric alarms and other composite alarms.
    │      │  Using composite alarms can reduce alarm noise. You can create multiple metric alarms, and also create a composite alarm and set up alerts only for the composite alarm. For example, you could create a composite alarm that goes into ALARM state only when more than one of the underlying metric alarms are in ALARM state.
    │      │  Currently, the only alarm actions that can be taken by composite alarms are notifying SNS topics.
    │      │  When this operation creates an alarm, the alarm state is immediately set to INSUFFICIENT_DATA. The alarm is then evaluated and its state is set appropriately. Any actions associated with the new state are then executed. For a composite alarm, this initial time after creation is the only time that the alarm can be in INSUFFICIENT_DATA state.
    │      │  When you update an existing alarm, its state is left unchanged, but the update completely overwrites the previous configuration of the alarm.
    │      │  + documentation: The `AWS::CloudWatch::CompositeAlarm` type creates or updates a composite alarm. When you create a composite alarm, you specify a rule expression for the alarm that takes into account the alarm states of other alarms that you have created. The composite alarm goes into ALARM state only if all conditions of the rule are met.
    │      │  The alarms specified in a composite alarm's rule expression can include metric alarms and other composite alarms.
    │      │  Using composite alarms can reduce alarm noise. You can create multiple metric alarms, and also create a composite alarm and set up alerts only for the composite alarm. For example, you could create a composite alarm that goes into ALARM state only when more than one of the underlying metric alarms are in ALARM state.
    │      │  When this operation creates an alarm, the alarm state is immediately set to INSUFFICIENT_DATA. The alarm is then evaluated and its state is set appropriately. Any actions associated with the new state are then executed. For a composite alarm, this initial time after creation is the only time that the alarm can be in INSUFFICIENT_DATA state.
    │      │  When you update an existing alarm, its state is left unchanged, but the update completely overwrites the previous configuration of the alarm.
    │      │  - tagInformation: undefined
    │      │  + tagInformation: {"tagPropertyName":"Tags","variant":"standard"}
    │      └ properties
    │         └[+] Tags: Array<tag>
    ├[~] service aws-codebuild
    │ └ resources
    │    ├[~] resource AWS::CodeBuild::Project
    │    │ └ types
    │    │    ├[~] type Environment
    │    │    │ └ properties
    │    │    │    └ ComputeType: (documentation changed)
    │    │    ├[~] type Source
    │    │    │ └ properties
    │    │    │    └ Location: (documentation changed)
    │    │    └[~] type WebhookFilter
    │    │      └ properties
    │    │         └ Type: (documentation changed)
    │    └[~] resource AWS::CodeBuild::SourceCredential
    │      └ properties
    │         └ Token: (documentation changed)
    ├[+] service aws-codeconnections
    │ ├  capitalized: CodeConnections
    │ │  cloudFormationNamespace: AWS::CodeConnections
    │ │  name: aws-codeconnections
    │ │  shortName: codeconnections
    │ └ resources
    │    └resource AWS::CodeConnections::Connection
    │     ├  name: Connection
    │     │  cloudFormationType: AWS::CodeConnections::Connection
    │     │  documentation: A resource that is used to connect third-party source providers with services like CodePipeline.
    │     │  Note: A connection created through AWS CloudFormation , the CLI, or the SDK is in `PENDING` status by default. You can make its status `AVAILABLE` by updating the connection in the console.
    │     │  tagInformation: {"tagPropertyName":"Tags","variant":"standard"}
    │     ├ properties
    │     │  ├ConnectionName: string (required, immutable)
    │     │  ├ProviderType: string (immutable)
    │     │  ├HostArn: string (immutable)
    │     │  └Tags: Array<tag>
    │     └ attributes
    │        ├ConnectionArn: string
    │        ├ConnectionStatus: string
    │        └OwnerAccountId: string
    ├[+] service aws-deadline
    │ ├  capitalized: Deadline
    │ │  cloudFormationNamespace: AWS::Deadline
    │ │  name: aws-deadline
    │ │  shortName: deadline
    │ └ resources
    │    ├resource AWS::Deadline::Farm
    │    │├  name: Farm
    │    ││  cloudFormationType: AWS::Deadline::Farm
    │    ││  documentation: Creates a farm to allow space for queues and fleets. Farms are the space where the components of your renders gather and are pieced together in the cloud. Farms contain budgets and allow you to enforce permissions. Deadline Cloud farms are a useful container for large projects.
    │    │├ properties
    │    ││  ├Description: string (default="")
    │    ││  ├DisplayName: string (required)
    │    ││  └KmsKeyArn: string (immutable)
    │    │└ attributes
    │    │   ├FarmId: string
    │    │   └Arn: string
    │    ├resource AWS::Deadline::Fleet
    │    │├  name: Fleet
    │    ││  cloudFormationType: AWS::Deadline::Fleet
    │    ││  documentation: Creates a fleet. Fleets gather information relating to compute, or capacity, for renders within your farms. You can choose to manage your own capacity or opt to have fleets fully managed by Deadline Cloud.
    │    │├ properties
    │    ││  ├Configuration: FleetConfiguration (required)
    │    ││  ├Description: string (default="")
    │    ││  ├DisplayName: string (required)
    │    ││  ├FarmId: string (immutable)
    │    ││  ├MaxWorkerCount: integer (required)
    │    ││  ├MinWorkerCount: integer (default=0)
    │    ││  └RoleArn: string (required)
    │    │├ attributes
    │    ││  ├Capabilities: FleetCapabilities
    │    ││  ├FleetId: string
    │    ││  ├Status: string
    │    ││  ├WorkerCount: integer
    │    ││  └Arn: string
    │    │└ types
    │    │   ├type FleetCapabilities
    │    │   │├  documentation: The amounts and attributes of fleets.
    │    │   ││  name: FleetCapabilities
    │    │   │└ properties
    │    │   │   ├Amounts: Array<FleetAmountCapability>
    │    │   │   └Attributes: Array<FleetAttributeCapability>
    │    │   ├type FleetAmountCapability
    │    │   │├  documentation: The fleet amount and attribute capabilities.
    │    │   ││  name: FleetAmountCapability
    │    │   │└ properties
    │    │   │   ├Name: string (required)
    │    │   │   ├Min: number (required)
    │    │   │   └Max: number
    │    │   ├type FleetAttributeCapability
    │    │   │├  documentation: Defines the fleet's capability name, minimum, and maximum.
    │    │   ││  name: FleetAttributeCapability
    │    │   │└ properties
    │    │   │   ├Name: string (required)
    │    │   │   └Values: Array<string> (required)
    │    │   ├type FleetConfiguration
    │    │   │├  documentation: Fleet configuration details.
    │    │   ││  name: FleetConfiguration
    │    │   │└ properties
    │    │   │   ├CustomerManaged: CustomerManagedFleetConfiguration
    │    │   │   └ServiceManagedEc2: ServiceManagedEc2FleetConfiguration
    │    │   ├type CustomerManagedFleetConfiguration
    │    │   │├  documentation: The details of a customer managed fleet configuration.
    │    │   ││  name: CustomerManagedFleetConfiguration
    │    │   │└ properties
    │    │   │   ├Mode: string (required)
    │    │   │   ├WorkerCapabilities: CustomerManagedWorkerCapabilities (required)
    │    │   │   └StorageProfileId: string
    │    │   ├type CustomerManagedWorkerCapabilities
    │    │   │├  documentation: The worker capabilities for a customer managed workflow.
    │    │   ││  name: CustomerManagedWorkerCapabilities
    │    │   │└ properties
    │    │   │   ├VCpuCount: VCpuCountRange (required)
    │    │   │   ├MemoryMiB: MemoryMiBRange (required)
    │    │   │   ├AcceleratorTypes: Array<string>
    │    │   │   ├AcceleratorCount: AcceleratorCountRange
    │    │   │   ├AcceleratorTotalMemoryMiB: AcceleratorTotalMemoryMiBRange
    │    │   │   ├OsFamily: string (required)
    │    │   │   ├CpuArchitectureType: string (required)
    │    │   │   ├CustomAmounts: Array<FleetAmountCapability>
    │    │   │   └CustomAttributes: Array<FleetAttributeCapability>
    │    │   ├type VCpuCountRange
    │    │   │├  documentation: The allowable range of vCPU processing power for the fleet.
    │    │   ││  name: VCpuCountRange
    │    │   │└ properties
    │    │   │   ├Min: integer (required)
    │    │   │   └Max: integer
    │    │   ├type MemoryMiBRange
    │    │   │├  documentation: The range of memory in MiB.
    │    │   ││  name: MemoryMiBRange
    │    │   │└ properties
    │    │   │   ├Min: integer (required)
    │    │   │   └Max: integer
    │    │   ├type AcceleratorCountRange
    │    │   │├  documentation: The range for the GPU fleet acceleration.
    │    │   ││  name: AcceleratorCountRange
    │    │   │└ properties
    │    │   │   ├Min: integer (required)
    │    │   │   └Max: integer
    │    │   ├type AcceleratorTotalMemoryMiBRange
    │    │   │├  documentation: The range for memory, in MiB, to use for the accelerator.
    │    │   ││  name: AcceleratorTotalMemoryMiBRange
    │    │   │└ properties
    │    │   │   ├Min: integer (required)
    │    │   │   └Max: integer
    │    │   ├type ServiceManagedEc2FleetConfiguration
    │    │   │├  documentation: The configuration details for a service managed Amazon EC2 fleet.
    │    │   ││  name: ServiceManagedEc2FleetConfiguration
    │    │   │└ properties
    │    │   │   ├InstanceCapabilities: ServiceManagedEc2InstanceCapabilities (required)
    │    │   │   └InstanceMarketOptions: ServiceManagedEc2InstanceMarketOptions (required)
    │    │   ├type ServiceManagedEc2InstanceCapabilities
    │    │   │├  documentation: The Amazon EC2 instance capabilities.
    │    │   ││  name: ServiceManagedEc2InstanceCapabilities
    │    │   │└ properties
    │    │   │   ├VCpuCount: VCpuCountRange (required)
    │    │   │   ├MemoryMiB: MemoryMiBRange (required)
    │    │   │   ├OsFamily: string (required)
    │    │   │   ├CpuArchitectureType: string (required)
    │    │   │   ├RootEbsVolume: Ec2EbsVolume
    │    │   │   ├AllowedInstanceTypes: Array<string>
    │    │   │   ├ExcludedInstanceTypes: Array<string>
    │    │   │   ├CustomAmounts: Array<FleetAmountCapability>
    │    │   │   └CustomAttributes: Array<FleetAttributeCapability>
    │    │   ├type Ec2EbsVolume
    │    │   │├  documentation: Specifies the EBS volume.
    │    │   ││  name: Ec2EbsVolume
    │    │   │└ properties
    │    │   │   ├SizeGiB: integer (default=250)
    │    │   │   ├Iops: integer (default=3000)
    │    │   │   └ThroughputMiB: integer (default=125)
    │    │   └type ServiceManagedEc2InstanceMarketOptions
    │    │    ├  documentation: The details of the Amazon EC2 instance market options for a service managed fleet.
    │    │    │  name: ServiceManagedEc2InstanceMarketOptions
    │    │    └ properties
    │    │       └Type: string (required)
    │    ├resource AWS::Deadline::LicenseEndpoint
    │    │├  name: LicenseEndpoint
    │    ││  cloudFormationType: AWS::Deadline::LicenseEndpoint
    │    ││  documentation: Creates a license endpoint to integrate your various licensed software used for rendering on Deadline Cloud.
    │    │├ properties
    │    ││  ├SecurityGroupIds: Array<string> (required, immutable)
    │    ││  ├SubnetIds: Array<string> (required, immutable)
    │    ││  └VpcId: string (required, immutable)
    │    │└ attributes
    │    │   ├DnsName: string
    │    │   ├LicenseEndpointId: string
    │    │   ├Status: string
    │    │   ├StatusMessage: string
    │    │   └Arn: string
    │    ├resource AWS::Deadline::MeteredProduct
    │    │├  name: MeteredProduct
    │    ││  cloudFormationType: AWS::Deadline::MeteredProduct
    │    ││  documentation: Adds a metered product.
    │    │├ properties
    │    ││  ├LicenseEndpointId: string (immutable)
    │    ││  ├ProductId: string (immutable)
    │    ││  ├Port: integer
    │    ││  ├Family: string
    │    ││  └Vendor: string
    │    │└ attributes
    │    │   └Arn: string
    │    ├resource AWS::Deadline::Queue
    │    │├  name: Queue
    │    ││  cloudFormationType: AWS::Deadline::Queue
    │    ││  documentation: Creates a queue to coordinate the order in which jobs run on a farm. A queue can also specify where to pull resources and indicate where to output completed jobs.
    │    │├ properties
    │    ││  ├AllowedStorageProfileIds: Array<string>
    │    ││  ├DefaultBudgetAction: string (default="NONE")
    │    ││  ├Description: string (default="")
    │    ││  ├DisplayName: string (required)
    │    ││  ├FarmId: string (immutable)
    │    ││  ├JobAttachmentSettings: JobAttachmentSettings
    │    ││  ├JobRunAsUser: JobRunAsUser
    │    ││  ├RequiredFileSystemLocationNames: Array<string>
    │    ││  └RoleArn: string
    │    │├ attributes
    │    ││  ├QueueId: string
    │    ││  └Arn: string
    │    │└ types
    │    │   ├type JobAttachmentSettings
    │    │   │├  documentation: The job attachment settings. These are the Amazon S3 bucket name and the Amazon S3 prefix.
    │    │   ││  name: JobAttachmentSettings
    │    │   │└ properties
    │    │   │   ├S3BucketName: string (required)
    │    │   │   └RootPrefix: string (required)
    │    │   ├type JobRunAsUser
    │    │   │├  documentation: Identifies the user for a job.
    │    │   ││  name: JobRunAsUser
    │    │   │└ properties
    │    │   │   ├Posix: PosixUser
    │    │   │   ├Windows: WindowsUser
    │    │   │   └RunAs: string (required)
    │    │   ├type PosixUser
    │    │   │├  documentation: The POSIX user.
    │    │   ││  name: PosixUser
    │    │   │└ properties
    │    │   │   ├User: string (required)
    │    │   │   └Group: string (required)
    │    │   └type WindowsUser
    │    │    ├  documentation: The Windows user details.
    │    │    │  name: WindowsUser
    │    │    └ properties
    │    │       ├User: string (required)
    │    │       └PasswordArn: string (required)
    │    ├resource AWS::Deadline::QueueEnvironment
    │    │├  name: QueueEnvironment
    │    ││  cloudFormationType: AWS::Deadline::QueueEnvironment
    │    ││  documentation: Creates an environment for a queue that defines how jobs in the queue run.
    │    │├ properties
    │    ││  ├FarmId: string (required, immutable)
    │    ││  ├Priority: integer (required)
    │    ││  ├QueueId: string (required, immutable)
    │    ││  ├Template: string (required)
    │    ││  └TemplateType: string (required)
    │    │└ attributes
    │    │   ├Name: string
    │    │   └QueueEnvironmentId: string
    │    ├resource AWS::Deadline::QueueFleetAssociation
    │    │├  name: QueueFleetAssociation
    │    ││  cloudFormationType: AWS::Deadline::QueueFleetAssociation
    │    ││  documentation: Creates an association between a queue and a fleet.
    │    │└ properties
    │    │   ├FarmId: string (required, immutable)
    │    │   ├FleetId: string (required, immutable)
    │    │   └QueueId: string (required, immutable)
    │    └resource AWS::Deadline::StorageProfile
    │     ├  name: StorageProfile
    │     │  cloudFormationType: AWS::Deadline::StorageProfile
    │     │  documentation: Creates a storage profile that specifies the operating system, file type, and file location of resources used on a farm.
    │     ├ properties
    │     │  ├DisplayName: string (required)
    │     │  ├FarmId: string (immutable)
    │     │  ├FileSystemLocations: Array<FileSystemLocation>
    │     │  └OsFamily: string (required)
    │     ├ attributes
    │     │  └StorageProfileId: string
    │     └ types
    │        └type FileSystemLocation
    │         ├  documentation: The details of the file system location for the resource.
    │         │  name: FileSystemLocation
    │         └ properties
    │            ├Name: string (required)
    │            ├Path: string (required)
    │            └Type: string (required)
    ├[~] service aws-ec2
    │ └ resources
    │    ├[~] resource AWS::EC2::CustomerGateway
    │    │ └ properties
    │    │    └[+] CertificateArn: string (immutable)
    │    ├[~] resource AWS::EC2::Instance
    │    │ ├ properties
    │    │ │  ├ ElasticGpuSpecifications: (documentation changed)
    │    │ │  ├ ElasticInferenceAccelerators: (documentation changed)
    │    │ │  └ SubnetId: (documentation changed)
    │    │ ├ attributes
    │    │ │  └[-] Id: string
    │    │ └ types
    │    │    ├[~] type LaunchTemplateSpecification
    │    │    │ └  - documentation: Specifies a launch template to use when launching an Amazon EC2 instance.
    │    │    │    You must specify the following:
    │    │    │    - The ID or the name of the launch template, but not both.
    │    │    │    - The version of the launch template.
    │    │    │    `LaunchTemplateSpecification` is a property of the [AWS::EC2::Instance](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html) resource.
    │    │    │    For information about creating a launch template, see [AWS::EC2::LaunchTemplate](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html) and [Create a launch template](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html#create-launch-template) in the *Amazon EC2 User Guide* .
    │    │    │    For examples of launch templates, see [Examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html#aws-resource-ec2-launchtemplate--examples) .
    │    │    │    + documentation: Specifies a launch template to use when launching an Amazon EC2 instance.
    │    │    │    You must specify the following:
    │    │    │    - The ID or the name of the launch template, but not both.
    │    │    │    - The version of the launch template.
    │    │    │    For information about creating a launch template, see [AWS::EC2::LaunchTemplate](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html) and [Create a launch template](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html#create-launch-template) in the *Amazon EC2 User Guide* .
    │    │    │    For example launch templates, see the [Examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html#aws-resource-ec2-launchtemplate--examples) for `AWS::EC2::LaunchTemplate` .
    │    │    └[~] type NetworkInterface
    │    │      └ properties
    │    │         └ SubnetId: (documentation changed)
    │    ├[~] resource AWS::EC2::LaunchTemplate
    │    │ └ types
    │    │    ├[~] type LaunchTemplateData
    │    │    │ └ properties
    │    │    │    ├ NetworkInterfaces: (documentation changed)
    │    │    │    ├ SecurityGroupIds: (documentation changed)
    │    │    │    └ SecurityGroups: (documentation changed)
    │    │    └[~] type MaintenanceOptions
    │    │      └ properties
    │    │         └[-] RebootMigration: string
    │    ├[~] resource AWS::EC2::SecurityGroup
    │    │ ├  - documentation: Specifies a security group. To create a security group, use the [VpcId](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html#cfn-ec2-securitygroup-vpcid) property to specify the VPC for which to create the security group.
    │    │ │  If you do not specify an egress rule, we add egress rules that allow IPv4 and IPv6 traffic on all ports and protocols to any destination. We do not add these rules if you specify your own egress rules. If you later remove your egress rules, we restore the default egress rules.
    │    │ │  This type supports updates. For more information about updating stacks, see [AWS CloudFormation Stacks Updates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks.html) .
    │    │ │  > To cross-reference two security groups in the ingress and egress rules of those security groups, use the [AWS::EC2::SecurityGroupEgress](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-security-group-egress.html) and [AWS::EC2::SecurityGroupIngress](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-security-group-ingress.html) resources to define your rules. Do not use the embedded ingress and egress rules in the `AWS::EC2::SecurityGroup` . Doing so creates a circular dependency, which AWS CloudFormation doesn't allow.
    │    │ │  + documentation: Specifies a security group. To create a security group, use the [VpcId](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html#cfn-ec2-securitygroup-vpcid) property to specify the VPC for which to create the security group.
    │    │ │  If you do not specify an egress rule, we add egress rules that allow IPv4 and IPv6 traffic on all ports and protocols to any destination. We do not add these rules if you specify your own egress rules.
    │    │ │  This type supports updates. For more information about updating stacks, see [AWS CloudFormation Stacks Updates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks.html) .
    │    │ │  > To cross-reference two security groups in the ingress and egress rules of those security groups, use the [AWS::EC2::SecurityGroupEgress](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-security-group-egress.html) and [AWS::EC2::SecurityGroupIngress](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-security-group-ingress.html) resources to define your rules. Do not use the embedded ingress and egress rules in the `AWS::EC2::SecurityGroup` . Doing so creates a circular dependency, which AWS CloudFormation doesn't allow.
    │    │ └ types
    │    │    └[~] type Egress
    │    │      └ properties
    │    │         └[-] SourceSecurityGroupId: string
    │    ├[~] resource AWS::EC2::SpotFleet
    │    │ ├  - documentation: Specifies a Spot Fleet request.
    │    │ │  The Spot Fleet request specifies the total target capacity and the On-Demand target capacity. Amazon EC2 calculates the difference between the total capacity and On-Demand capacity, and launches the difference as Spot capacity.
    │    │ │  You can submit a single request that includes multiple launch specifications that vary by instance type, AMI, Availability Zone, or subnet.
    │    │ │  By default, the Spot Fleet requests Spot Instances in the Spot Instance pool where the price per unit is the lowest. Each launch specification can include its own instance weighting that reflects the value of the instance type to your application workload.
    │    │ │  Alternatively, you can specify that the Spot Fleet distribute the target capacity across the Spot pools included in its launch specifications. By ensuring that the Spot Instances in your Spot Fleet are in different Spot pools, you can improve the availability of your fleet.
    │    │ │  You can specify tags for the Spot Fleet request and instances launched by the fleet. You cannot tag other resource types in a Spot Fleet request because only the `spot-fleet-request` and `instance` resource types are supported.
    │    │ │  For more information, see [Spot Fleet](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet.html) in the *Amazon EC2 User Guide for Linux Instances* .
    │    │ │  > We strongly discourage using the RequestSpotFleet API because it is a legacy API wit…
    aws-cdk-automation authored Apr 15, 2024
    Configuration menu
    Copy the full SHA
    7103fed View commit details
    Browse the repository at this point in the history
  3. chore(eks): update eks compare-log unit test to use sdk v3 (#29845)

    ### Reason for this change
    
    The AWS SDK V2 is being deprecated. We need to remove all uses of it from the CDK.
    
    ### Description of changes
    
    The `compare-log` unit test for the `aws-eks` `compareLogging.ts` was using `CreateClusterRequest` and `LogTypes` from AWS SDK V2. I've updated the code to use the `CreateClusterRequest` and `LogType` from AWS SDK V3. Additionally, with this change, `aws-sdk` is no longer needed as a dependency for `@aws-cdk/custom-resource-handlers`.
    
    ### Description of how you validated changes
    
    This change does not impact `compareLogging.ts`. Consequently, we just need to verify that the unit tests in `compare-log.test.ts` are still successful. I have validated that these are still passing.
    
    ### Checklist
    - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)
    
    ----
    
    *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
    colifran authored Apr 15, 2024
    Configuration menu
    Copy the full SHA
    5bdf5cb View commit details
    Browse the repository at this point in the history

Commits on Apr 16, 2024

  1. chore: upgrade lerna to new major version (#29848)

    This upgrades lerna to v8 and nx to v18.
    
    
    
    ----
    
    *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
    TheRealAmazonKendra authored Apr 16, 2024
    Configuration menu
    Copy the full SHA
    8e2cbae View commit details
    Browse the repository at this point in the history
  2. chore(lambda-nodejs): unescaped whitespace in props.bundling.inject b…

    …reaks esbuild (#29561)
    
    ### Issue # (if applicable)
    Closes #29559 .
    
    ### Reason for this change
    NodejsFunction fails to build in projects with spaces in path
    
    ### Description of changes
    Updated how it maps esbuild arguments from bundling props
    
    
    
    ### Description of how you validated changes
    Tried building the NodejsFunction
    
    
    
    ### Checklist
    - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)
    
    ----
    
    *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
    bombguy authored Apr 16, 2024
    Configuration menu
    Copy the full SHA
    72b6d8e View commit details
    Browse the repository at this point in the history
  3. feat(stepfunctions-tasks): add httpinvoke step functions task (#28673)

    This adds an `HttpInvoke` Step Functions task construct, which allows calling public APIs as described [here](https://docs.aws.amazon.com/step-functions/latest/dg/connect-third-party-apis.html).
    
    - Accepts an Event Bridge API Destination `IConnection`, setting required permissions to use its credentials.
    - Grants permission to invoke the root path for the endpoint (`apiRoot` prop). This allows passing the relative endpoint path at execution time (`apiEndpoint` prop).
    - Defines an enum for the allowed options for the URL encoding style of arrays, used when encoding the request body.
    
    Closes #28278
    
    ----
    
    *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
    MathieuGilbert authored Apr 16, 2024
    Configuration menu
    Copy the full SHA
    178e481 View commit details
    Browse the repository at this point in the history
  4. feat(route53): DNSSEC zone signing (#28604)

    This makes it possible to enable DNSSEC signing for a Route 53 hosted zone. A new `KeySigningKey` construct is created to enable generally creating KSKs. Additionally, an `enableDnssec` method is added to `HostedZone` that provides an easier interface. The later will create the KSK and further create the necessary `AWS::Route53::DNSSEC` resource to actually enable signing on the resource.
    
    ----
    
    *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
    laurelmay authored Apr 16, 2024
    Configuration menu
    Copy the full SHA
    213fffc View commit details
    Browse the repository at this point in the history

Commits on Apr 17, 2024

  1. chore(rds): improve error messages for providing a vpc to cluster (#2…

    …9706)
    
    Just an idea/I was curious.
    
    Personally, when I stumbled upon this error I got a bit confused because I wasn't sure what instanceProps was. I think the message  'Provide either vpc or instanceProps.vpc, but not both" provides the same explanation for both cases?
    
    Or we rephrase the error message to not use "If instanceProps was provided", because the code can figure whether instanceProps was provided with another if condition Then the message would just be "VPC must be provided". Hence, someone who is unaware of instanceProps, doesn't need to be notified of it. Just an idea though and it's nitpicking! Thoughts?
    
    ### Reason for this change
    
    Better error message when running into this error
    
    ### Description of changes
    
    Consolidated logs statements
    
    ### Description of how you validated changes
    
    I have not validated anything because this was just an idea/I was curious
    
    ### Checklist
    - [X ] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)
    
    ----
    
    *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
    prasanthlouis authored Apr 17, 2024
    Configuration menu
    Copy the full SHA
    21804fd View commit details
    Browse the repository at this point in the history
  2. chore(codebuild): aarch64 standard 2.0 and 3.0 build images are not d…

    …eprecated (#29580)
    
    ### Issue # (if applicable)
    
    Closes #<issue number here>.
    
    ### Reason for this change
    
    
    
    AWS CodeBuild Docker images `AMAZON_LINUX_2_ARM_3` aka `AMAZON_LINUX_2_STANDARD_3_0` aka `aws/codebuild/amazonlinux2-aarch64-standard:3.0` and `AMAZON_LINUX_2_ARM_2` aka `AMAZON_LINUX_2_STANDARD_2_0` aka `aws/codebuild/amazonlinux2-aarch64-standard:2.0`are not deprecated but the currently actively maintained ones according to https://github.com/aws/aws-codebuild-docker-images and https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-available.html
    
    ### Description of changes
    
    
    
    I removed the JSDoc Deprecated flag for the currently active images and added their image names as a comment so that one can find the images also using those references.
    
    ### Description of how you validated changes
    
    
    
    ### Checklist
    - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)
    
    ----
    
    *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
    nikovirtala authored Apr 17, 2024
    Configuration menu
    Copy the full SHA
    1f8bc90 View commit details
    Browse the repository at this point in the history
  3. fix(ecs-patterns): integ test failed with certificate error (#29623)

    ### Issue # (if applicable)
    
    Part of: #29186 (comment)
    
    ### Reason for this change
    
    
    `aws-ecs-patterns/test/fargate/integ.alb-fargate-service-https-idle-timeout` was failed with certificate error (#29186 (comment)).
    It is enough to set `idleTimeout` property to test loadbalancer with idleTimeout.
    
    `aws-ecs-patterns/test/fargate/integ.alb-fargate-service-https` is also failed with certificate error so I will fix at another PR #29649.
    
    ### Description of changes
    
    
    - Rename `aws-ecs-patterns/test/fargate/integ.alb-fargate-service-https-idle-timeout.ts` to `aws-ecs-patterns/test/fargate/integ.alb-fargate-service-idle-timeout.ts`
    - Remove unnecessary property
    - Run `yarn integ`
    
    ### Description of how you validated changes
    
    
    - Pass integ test
    
    ### Checklist
    - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)
    
    ----
    
    *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
    wafuwafu13 authored Apr 17, 2024
    Configuration menu
    Copy the full SHA
    5347369 View commit details
    Browse the repository at this point in the history
  4. chore: update name of sdk-v2-to-v3-adapter and improve documentation (

    #29847)
    
    ### Issue # (if applicable)
    
    Closes #29843
    
    ### Reason for this change
    
    The AWS SDK V2 is being deprecated. The `sdk-v2-to-v3-adapter` was created as a way to migrate `AwsCustomResource` to use AWS SDK V3 without introducing breaking changes. The documentation for the adapter does not provide enough detail about what it is used for and what functionality it provides. Additionally, the naming of the adapter should convey that it is used to provide an abstraction over all SDK versions, not just SDK V2 to SDK V3.
    
    ### Description of changes
    
    The `sdk-v2-to-v3-adapter` was changed to `aws-custom-resource-sdk-adapter`. Any usage of `sdk-v2-to-v3-adapter` was updated to now use `aws-custom-resource-sdk-adapter`. The `README` for `aws-custom-resource-sdk-adapter` was improved to provide an overview of the tooling that exists as part of the adapter.
    
    ### Description of how you validated changes
    
    No new unit tests or integ tests were needed as part of this PR. The current build is succeeding which means that the naming update has not introduced a breaking change.
    
    ### Checklist
    - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)
    
    ----
    
    *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
    colifran authored Apr 17, 2024
    Configuration menu
    Copy the full SHA
    39755fd View commit details
    Browse the repository at this point in the history
  5. chore: add aws-sdk as dev dependency for unit tests and satisfy `Aw…

    …sSdkCall` in unit tests (#29860)
    
    ### Reason for this change
    
    #29648 introduced a change to the `AwsSdkCall` representation used in the v2 and v3 handler code. Our handler unit tests use `satisfies` to validate that the event object satisfies `AwsSdkCall`. All unit tests and the build still pass, but the linter calls out that the event object doesn't actually satisfy `AwsSdkCall`.
    
    #29845 removed the dependency `@aws-cdk/custom-resource-handlers` had on `aws-sdk`. We should add this as devDependency since we're using `aws-sdk` in v2 handler mocks.
    
    ### Description of changes
    
    I added `logApiResponseData` property to the event objects being tested to make the event satisfy `AwsSdkCall`. I added `aws-sdk` as a dev dependency. We will remove this as part of the v2 handler removal.
    
    ### Checklist
    - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)
    
    ----
    
    *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
    colifran authored Apr 17, 2024
    Configuration menu
    Copy the full SHA
    41d2c52 View commit details
    Browse the repository at this point in the history
  6. chore: fix typo in runtime.test.ts (#29865)

    ### Issue # (if applicable)
    
    Closes #<issue number here>.
    
    ### Reason for this change
    
    
    
    ### Description of changes
    
    
    
    ### Description of how you validated changes
    
    
    
    ### Checklist
    - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)
    
    ----
    
    *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
    kdnakt authored Apr 17, 2024
    Configuration menu
    Copy the full SHA
    e22e930 View commit details
    Browse the repository at this point in the history
  7. chore: npm-check-updates && yarn upgrade (#29864)

    Ran npm-check-updates and yarn upgrade to keep the `yarn.lock` file up-to-date.
    aws-cdk-automation authored Apr 17, 2024
    Configuration menu
    Copy the full SHA
    6cd1e1f View commit details
    Browse the repository at this point in the history
  8. fix(cognito-identitypool-alpha): inconvenient IdentityPoolProviderUrl…

    ….userPool() (#29025)
    
    ### Reason for this change
    
    `IdentityPoolProviderUrl.userPool()` requires a string `url` currently.
    The description is "User Pool Provider Url".
    It should be ``` `${userPool.userPoolProviderName}:${userPoolClient.userPoolClientId}` ```.
    
    `UserPool` has an attribute `userPoolProviderUrl` which description is "User Pool Provider Url", but confusingly, it cannot be specified to `IdentityPoolProviderUrl.userPool()`.
    
    The format of the identity provider identifier isn't well documented.
    See [SetIdentityPoolRoles API reference](https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_SetIdentityPoolRoles.html) for example of User Pool's identity provider identifier.
    
    ### Description of changes
    
    This PR fixes `IdentityPoolProviderUrl.userPool()` to accept `UserPool` and `UserPoolClient` instead of a string `url`.
    It generates a correct identifier described above.
    
    ### Description of how you validated changes
    
    Existing integration test generates an identifier as described above.
    The snapshot won't be changed by this PR.
    
    ### Checklist
    - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)
    
    BREAKING CHANGE: The argument of `IdentityPoolProviderUrl.userPool()` has been changed from `url: string` to `userPool: UserPool, userPoolClient: UserPoolClient`. If you want to specify custom identifier string, use `IdentityPoolProviderUrl.custom()` instead.
    
    ----
    
    *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
    Tietew authored Apr 17, 2024
    Configuration menu
    Copy the full SHA
    90a7734 View commit details
    Browse the repository at this point in the history
  9. chore: add cli test check when cli tests are updated (#29872)

    We should be running the integ test pipeline when we have changes in that package.
    
    ### Checklist
    - [ ] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)
    
    ----
    
    *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
    TheRealAmazonKendra authored Apr 17, 2024
    Configuration menu
    Copy the full SHA
    48731ad View commit details
    Browse the repository at this point in the history
  10. feat(cognito): support provider details for `UserPoolIdentityProvider…

    …Saml` (#29588)
    
    ### Issue # (if applicable)
    
    Closes #29494.
    Closes #29598.
    
    #29598 is really close issue and I tried to resolve it in this PR.
    If it is not good to resolve multiple issues in 1 PR, I would separate this PR.
    
    ### Reason for this change
    
    [`UserPoolIdentityProviderSaml` can configure `ProviderDetails`](https://docs.aws.amazon.com/ja_jp/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolidentityprovider.html#aws-resource-cognito-userpoolidentityprovider-properties) but there are some items that is not configurable from AWS CDK.
    - `EncryptedResponses`
    - `RequestSigningAlgorithm`
    - `IDPInit`
    
    ### Description of changes
    
    Add 3 properties to `UserPoolIdentityProviderSamlProps`.
    - `encryptedResponses`
    - `requestSigningAlgorithm`
    - `idpInitiated`
    
    ### Description of how you validated changes
    
    Added both unit and integ tests.
    
    ### Checklist
    - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)
    
    ----
    
    *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
    badmintoncryer authored Apr 17, 2024
    Configuration menu
    Copy the full SHA
    375f1a6 View commit details
    Browse the repository at this point in the history
  11. fix(eks): add support of Helm charts located in ECR of AWS CN region (#…

    …29778)
    
    ### Issue # (if applicable)
    
    Closes #28460.
    
    ### Reason for this change
    
    Current implementation will not identity helm charts stored in ECR on AWS CN regions, and will treat ECR as simple, unauthorized repository. 
    
    ### Description of changes
    
    This change add support of ECR on AWS CN region by adding a optional suffix of .cn to the regex.
    
    ### Description of how you validated changes
    
    Run the affected regex against helm repo in ECR China (123456789012.dkr.ecr.cn-northwest-1.amazonaws.com.cn)
    ```
    import re
    repository = 'oci://123456789012.dkr.ecr.cn-northwest-1.amazonaws.com.cn'
    private_ecr_pattern = 'oci://(?P<registry>\d+\.dkr\.ecr\.(?P<region>[a-z0-9\-]+)\.amazonaws\.com(\.cn)?)*'
    private_registry = re.match(private_ecr_pattern, repository).groupdict()
    print(private_registry['registry'])
    ```
    
    ### Checklist
    - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)
    
    ----
    
    *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
    yubingjiaocn authored Apr 17, 2024
    Configuration menu
    Copy the full SHA
    0da25e5 View commit details
    Browse the repository at this point in the history
  12. feat(elasticloadbalancingv2): add removeSuffix param for ExternalAppl…

    …icationListener.addAction() (#29746)
    
    ### Issue # (if applicable)
    
    Closes #29496
    
    ### Reason for this change
    
    See #29513 (props based solution instead of feature-flag)
    
    ### Description of changes
    
    Adds a `removeSuffix` property to addAction method to address problems due to logicalId inconsistency.
    
    ### Description of how you validated changes
    
    UTs. Per IT document, integration tests are not necessary.
    
    ### Checklist
    - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)
    
    ----
    
    *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
    ahammond authored Apr 17, 2024
    Configuration menu
    Copy the full SHA
    f4af330 View commit details
    Browse the repository at this point in the history
  13. fix(spec2cdk): get tag gives null result in Java CDK (#29870)

    ### Issue # (if applicable)
    
    Closes #29869
    
    ### Reason for this change
    
    Without it, it breaks java users who rely on tagging name to generate resource id.
    
    ### Description of changes
    
    Provide a default value using the initial `tagValue` users provide.
    
    ### Description of how you validated changes
    
    Existing tests all pass. Essentially changing it back to the original state.
    
    ### Checklist
    - [ ] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)
    
    ----
    
    *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
    GavinZZ authored Apr 17, 2024
    Configuration menu
    Copy the full SHA
    5a918d1 View commit details
    Browse the repository at this point in the history

Commits on Apr 18, 2024

  1. chore(release): 2.138.0

    AWS CDK Team committed Apr 18, 2024
    Configuration menu
    Copy the full SHA
    8ff7859 View commit details
    Browse the repository at this point in the history