fix(cloudfront): make long function name deterministic #30392

…into fix-cf-fn-name

Since affected users are already redeploying due to non- deterministic names, we can change the logic entirely to make it cleaner and ensure consistency

Since the affected names are longer than 64 characters anyways, we can simplify all the logic, as the name won't be trimmed if it is shorter than 40 characters anyway.

…into fix-cf-fn-name

### Issue # (if applicable) Closes aws#18470 ### Reason for this change This allows customers to execute an arbitrary build script as part of cdk synth, which will enable customer to use esbuild plugins. The rationale for this decision is given the issue that is linked above. ### Description of changes 1. Expose the code field on the `aws-lambda-nodejs` construct, so that customers can specify code in ways other than bundling, which was the default and abstracted away from customers before this change. 2. Add a new static method on Code, namely `Code.fromCustomCommand`. This method takes in the commands to run an arbitrary script during cdk synthesis that the customer provides. The customer also provides the location of the output from the buildscript. Then this output is supplied to a lambda function. ### Description of how you validated changes manual testing (involving inspecting output in the AWS Lambda console and invoking the function), integration tests, and full unit test coverage of new changes. ### Checklist - [X] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

…ent README ### Reason for this change The links in the development section of the aws-s3-deployment README are pointing to incorrect locations (files have been moved from those locations), fixed the links. ### Description of changes There are no code changes, only documentation update ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

### Issue # (if applicable) Closes aws#19388 ### Reason for this change Adding tag/untag for eks cluster post its creation ### Description of changes Added API calls tagResource and untagResource in Cluster resource handler to handle tag changes ### Description of how you validated changes Have tested the changes by first deploying a cluster with below config: ```ts const vpc = ec2.Vpc.fromLookup(stack, 'Vpc', { isDefault: true }); new eks.Cluster(stack, 'Cluster', { vpc, ...getClusterVersionConfig(stack, eks.KubernetesVersion.V1_29), defaultCapacity: 0, tags: { foo: 'bar', }, }); ``` TestCase - 1 Update to add one more tag ```ts new eks.Cluster(stack, 'Cluster', { vpc, ...getClusterVersionConfig(stack, eks.KubernetesVersion.V1_29), defaultCapacity: 0, tags: { foo: 'bar', hello: "world" }, }); ``` Logs - ``` { "updates": { "replaceName": false, "replaceVpc": false, "updateAccess": false, "replaceRole": false, "updateVersion": false, "updateEncryption": false, "updateLogging": false, "updateTags": true } } ``` ``` { clientName: 'EKSClient', commandName: 'TagResourceCommand', input: { resourceArn: 'arn:aws:eks:us-east-1:xxxxx:cluster/Cluster9EE0221C-f0d60e8e0bf14fb5896ade518b5bbc15', tags: { hello: 'world' } }, output: {}, metadata: {} } ``` TestCase2 - Add, update and remove at the same time ```ts new eks.Cluster(stack, 'Cluster', { vpc, ...getClusterVersionConfig(stack, eks.KubernetesVersion.V1_29), defaultCapacity: 0, tags: { hello: 'world1', foobar: 'baz', }, endpointAccess: eks.EndpointAccess.PUBLIC, vpcSubnets: [{ subnetType: ec2.SubnetType.PUBLIC }], }); ``` ``` { clientName: 'EKSClient', commandName: 'TagResourceCommand', input: { resourceArn: 'arn:aws:eks:us-east-1:xxxxx:cluster/Cluster9EE0221C-f0d60e8e0bf14fb5896ade518b5bbc15', tags: { foobar: 'baz', hello: 'world1' } }, output: {}, metadata: {} } ``` ``` { clientName: 'EKSClient', commandName: 'UntagResourceCommand', input: { resourceArn: 'arn:aws:eks:us-east-1:xxxxx:cluster/Cluster9EE0221C-f0d60e8e0bf14fb5896ade518b5bbc15', tagKeys: [ 'foo' ] }, output: {}, metadata: {} } ``` TestCase - 3 Remove all tags ```ts new eks.Cluster(stack, 'Cluster', { vpc, ...getClusterVersionConfig(stack, eks.KubernetesVersion.V1_29), defaultCapacity: 0, endpointAccess: eks.EndpointAccess.PUBLIC, vpcSubnets: [{ subnetType: ec2.SubnetType.PUBLIC }], }); ``` ``` { clientName: 'EKSClient', commandName: 'UntagResourceCommand', input: { resourceArn: 'arn:aws:eks:us-east-1:xxxxx:cluster/Cluster9EE0221C-f0d60e8e0bf14fb5896ade518b5bbc15', tagKeys: [ 'foobar', 'hello' ] }, output: {}, metadata: {} ``` ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

Automated changes by [create-pull-request](https://github.com/peter-evans/create-pull-request) GitHub action

### Issue # (if applicable) Closes aws#8827. ### Reason for this change Customers could not override the authorizer defined in the default method configuration if they want to set the authorization type to None. ### Description of changes If the customer set the authorization type to None while creating a new method, we will not use the authorizer value defined in the default configuration and instead we will set it to undefined. ### Description of how you validated changes added unit, and integration test cases. ### Checklist - [X] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

…#30435) Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files) from 44.5.1 to 44.5.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/changed-files/releases">tj-actions/changed-files's releases</a>.</em></p> <blockquote> <h2>v44.5.2</h2> <h2>What's Changed</h2> <ul> <li>Upgraded to v44.5.1 by <a href="https://github.com/tj-actions-bot"><code>@tj-actions-bot</code></a> in <a href="https://github.com/tj-actions/changed-files/pull/2108">tj-actions/changed-files#2108</a></li> <li>chore(deps): lock file maintenance by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://github.com/tj-actions/changed-files/pull/2109">tj-actions/changed-files#2109</a></li> <li>chore(deps): lock file maintenance by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://github.com/tj-actions/changed-files/pull/2110">tj-actions/changed-files#2110</a></li> <li>chore(deps): update typescript-eslint monorepo to v7.11.0 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://github.com/tj-actions/changed-files/pull/2111">tj-actions/changed-files#2111</a></li> <li>chore(deps): update dependency ts-jest to v29.1.4 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://github.com/tj-actions/changed-files/pull/2112">tj-actions/changed-files#2112</a></li> <li>chore(deps): update dependency <code>@types/node</code> to v20.12.13 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://github.com/tj-actions/changed-files/pull/2115">tj-actions/changed-files#2115</a></li> <li>fix: warning with fetch_missing_history_max_retries using REST API by <a href="https://github.com/jackton1"><code>@jackton1</code></a> in <a href="https://github.com/tj-actions/changed-files/pull/2114">tj-actions/changed-files#2114</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/tj-actions/changed-files/compare/v44...v44.5.2">https://github.com/tj-actions/changed-files/compare/v44...v44.5.2</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h1><a href="https://github.com/tj-actions/changed-files/compare/v44.5.1...v44.5.2">44.5.2</a> - (2024-05-30)</h1> <h2>🐛 Bug Fixes</h2> <ul> <li>Warning with fetch_missing_history_max_retries using REST API (<a href="https://github.com/tj-actions/changed-files/issues/2114">#2114</a>) (<a href="https://github.com/tj-actions/changed-files/commit/d6babd6899969df1a11d14c368283ea4436bca78">d6babd6</a>) - (Tonye Jack)</li> </ul> <h2>⚙️ Miscellaneous Tasks</h2> <ul> <li><strong>deps:</strong> Update dependency <code>@types/node</code> to v20.12.13 (<a href="https://github.com/tj-actions/changed-files/commit/0a79e54e1f77956a7c39c12ebad4e8f62ce0e6fb">0a79e54</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Update dependency ts-jest to v29.1.4 (<a href="https://github.com/tj-actions/changed-files/commit/9d06a2a6a9aaef4e329865c87541e4fb2c36c7b2">9d06a2a</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Update typescript-eslint monorepo to v7.11.0 (<a href="https://github.com/tj-actions/changed-files/commit/7e8e88bd3537fcf190ad772c0a96f30febd0734a">7e8e88b</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Lock file maintenance (<a href="https://github.com/tj-actions/changed-files/commit/b510737b966ce69c576f08abf8206fb222e4d4da">b510737</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Lock file maintenance (<a href="https://github.com/tj-actions/changed-files/commit/2e7097935335571e0182fd95a8b7607d74248c2a">2e70979</a>) - (renovate[bot])</li> </ul> <h2>⬆️ Upgrades</h2> <ul> <li>Upgraded to v44.5.1 (<a href="https://github.com/tj-actions/changed-files/issues/2108">#2108</a>)</li> </ul> <p>Co-authored-by: jackton1 <a href="mailto:17484350+jackton1@users.noreply.github.com">17484350+jackton1@users.noreply.github.com</a> (<a href="https://github.com/tj-actions/changed-files/commit/625929d27d5d9362ce949a0dc367bfbaf4689115">625929d</a>) - (tj-actions[bot])</p> <h1><a href="https://github.com/tj-actions/changed-files/compare/v44.5.0...v44.5.1">44.5.1</a> - (2024-05-24)</h1> <h2>🐛 Bug Fixes</h2> <ul> <li>Bug detecting previous tag when workflow is rerun (<a href="https://github.com/tj-actions/changed-files/issues/2107">#2107</a>) (<a href="https://github.com/tj-actions/changed-files/commit/03334d095e2739fa9ac4034ec16f66d5d01e9eba">03334d0</a>) - (Tonye Jack)</li> <li><strong>deps:</strong> Update dependency micromatch to v4.0.7 (<a href="https://github.com/tj-actions/changed-files/commit/98e187efcdfa77f01efb485b093a97a21d8281cd">98e187e</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Update dependency micromatch to v4.0.6 (<a href="https://github.com/tj-actions/changed-files/commit/bf548e4af2ea13d28cd8b89f84d3ec31f27f66dc">bf548e4</a>) - (renovate[bot])</li> </ul> <h2>➕ Add</h2> <ul> <li>Added missing changes and modified dist assets. (<a href="https://github.com/tj-actions/changed-files/commit/8a0655f075f752a7fcf8fedd1e6b976d8a3d4454">8a0655f</a>) - (GitHub Action)</li> <li>Added missing changes and modified dist assets. (<a href="https://github.com/tj-actions/changed-files/commit/96f65726eae8888afa41617580af5882e4e197f5">96f6572</a>) - (GitHub Action)</li> </ul> <h2>⚙️ Miscellaneous Tasks</h2> <ul> <li><strong>deps:</strong> Update dependency ts-jest to v29.1.3 (<a href="https://github.com/tj-actions/changed-files/commit/d195e6e7c2774fc8d3941acb2e6be1d38077eb47">d195e6e</a>) - (renovate[bot])</li> </ul> <h2>⬆️ Upgrades</h2> <ul> <li>Upgraded to v44.5.0 (<a href="https://github.com/tj-actions/changed-files/issues/2101">#2101</a>)</li> </ul> <p>Co-authored-by: jackton1 <a href="mailto:17484350+jackton1@users.noreply.github.com">17484350+jackton1@users.noreply.github.com</a> Co-authored-by: repo-ranger[bot] (<a href="https://github.com/tj-actions/changed-files/commit/8b07fd3b111677cb50907731b0af597475af6bec">8b07fd3</a>) - (tj-actions[bot])</p> <h1><a href="https://github.com/tj-actions/changed-files/compare/v44.4.0...v44.5.0">44.5.0</a> - (2024-05-21)</h1> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tj-actions/changed-files/commit/d6babd6899969df1a11d14c368283ea4436bca78"><code>d6babd6</code></a> fix: warning with fetch_missing_history_max_retries using REST API (<a href="https://github.com/tj-actions/changed-files/issues/2114">#2114</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/0a79e54e1f77956a7c39c12ebad4e8f62ce0e6fb"><code>0a79e54</code></a> chore(deps): update dependency <code>@types/node</code> to v20.12.13</li> <li><a href="https://github.com/tj-actions/changed-files/commit/9d06a2a6a9aaef4e329865c87541e4fb2c36c7b2"><code>9d06a2a</code></a> chore(deps): update dependency ts-jest to v29.1.4</li> <li><a href="https://github.com/tj-actions/changed-files/commit/7e8e88bd3537fcf190ad772c0a96f30febd0734a"><code>7e8e88b</code></a> chore(deps): update typescript-eslint monorepo to v7.11.0</li> <li><a href="https://github.com/tj-actions/changed-files/commit/b510737b966ce69c576f08abf8206fb222e4d4da"><code>b510737</code></a> chore(deps): lock file maintenance</li> <li><a href="https://github.com/tj-actions/changed-files/commit/2e7097935335571e0182fd95a8b7607d74248c2a"><code>2e70979</code></a> chore(deps): lock file maintenance</li> <li><a href="https://github.com/tj-actions/changed-files/commit/625929d27d5d9362ce949a0dc367bfbaf4689115"><code>625929d</code></a> Upgraded to v44.5.1 (<a href="https://github.com/tj-actions/changed-files/issues/2108">#2108</a>)</li> <li>See full diff in <a href="https://github.com/tj-actions/changed-files/compare/03334d095e2739fa9ac4034ec16f66d5d01e9eba...d6babd6899969df1a11d14c368283ea4436bca78">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tj-actions/changed-files&package-manager=github_actions&previous-version=44.5.1&new-version=44.5.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>

A small typo fix. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

Minor typo fixed ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

…30423) ### Issue # (if applicable) Closes aws#30422 ### Reason for this change Missing Property in the Subscription class. ### Description of changes Add destination property to the Subscription class. ### Description of how you validated changes Add unit tests and integ tests. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

Since the affected names are longer than 64 characters anyways, we can simplify all the logic, as the name won't be trimmed if it is shorter than 40 characters anyway.

…iguration` (aws#30420) ### Issue # (if applicable) Closes aws#30403. ### Reason for this change `chatbot.SlackChannelConfiguration` does not support for configuring `userRoleRequired` prop. ### Description of changes Add `userRoleRequired` to `SlackChannelConfigurationProps` ### Description of how you validated changes Add both unit and integ tests ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

…trigger (aws#29127) ### Issue # (if applicable) Closes aws#29124 Related PR: aws#29128 Perhaps if one merges, the other will cause a conflict. ### Reason for this change We would be good to trigger pipelines by GitPushFilter with branches and file paths. - CFn docs - https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-codepipeline-pipeline-gitpushfilter.html - https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-codepipeline-pipeline-gitbranchfiltercriteria.html - https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-codepipeline-pipeline-gitfilepathfiltercriteria.html ### Description of changes Add props: - branchesExcludes - branchesIncludes - filePathsExcludes - filePathsIncludes ### Description of how you validated changes Both unit and integ tests. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

…e with imported `delegatedZone` (aws#30440) ### Issue # (if applicable) Closes aws#28581. ### Reason for this change An imported `delegatedZone` will not have info about the Name Servers. When it is passed to `CrossAccountZoneDelegationRecord`, the handler will see `undefined` when trying to retrieve the Name Servers info on `delegatedZone`, then throw exception during deployment. This change throws the exception at build time for a faster feedback loop. ### Description of changes `CrossAccountZoneDelegationRecord` throws exception if `delegatedZone.hostedZoneNameServers` is undefined. ### Description of how you validated changes Add unit test to cover the case of passing an imported HostedZone to `CrossAccountZoneDelegationRecord` ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

### Reason for this change The contribution guide recommend the active node LTS: https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md#getting-started ### Description of changes Update node 18 to 20 in devcontainer and gitpod and also the os version to bookworm ### Description of how you validated changes opened devcontainer and gitpod, checkd the node version and run command `npx lerna run build --scope=aws-cdk-lib --scope=@aws-cdk-testing/framework-integ --skip-nx-cache` ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- refs: - aws#25381 - aws#25426 *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

### Issue # (if applicable) Closes aws#29617. ### Reason for this change Implementation of reserved capacity CodeBuild projects ### Description of changes * Add Fleet Construct * Add `EnvironmentType` enum * Refactor existing type strings to use the new enum * Validate that Windows 2022 build images can only be used in fleet projects Changes merged from aws#29616: * Added missing build images * Updated JSDoc comments to indicate AL2023 based images, see [docs](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-available.html) * It might be a good idea to deprecate and rename `AMAZON_LINUX_2_STANDARD_3_0` to `AMAZON_LINUX_2023_STANDARD_3_0`, despite how the images are named. I'll leave it up to the maintainers * Added `{@link}` tags where missing ### Description of how you validated changes Unit and integ tests The images were retrieved using the [codebuild:ListCuratedEnvironmentImages](https://docs.aws.amazon.com/codebuild/latest/APIReference/API_ListCuratedEnvironmentImages.html) API command, and comparing it to the CDK. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

…seEncryption method (aws#30417) Removed the single quotes around the error message string to allow proper interpolation of the ${encryptionType} variable. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

aws#30448) Update ADOT Lambda Layer ARNs for recent release aws-observability/aws-otel-lambda#922 includes the PR changes - aws#30263 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

Updates the L1 CloudFormation resource definitions with the latest changes from `@aws-cdk/aws-service-spec` **L1 CloudFormation resource definition changes:** ``` ├[~] service aws-autoscaling │ └ resources │ └[~] resource AWS::AutoScaling::AutoScalingGroup │ └ properties │ └ NotificationConfiguration: (documentation changed) ├[~] service aws-ec2 │ └ resources │ └[~] resource AWS::EC2::CustomerGateway │ └ properties │ └[+] BgpAsnExtended: number (immutable) ├[~] service aws-eks │ └ resources │ └[~] resource AWS::EKS::Addon │ ├ properties │ │ └[+] PodIdentityAssociations: Array<PodIdentityAssociation> │ └ types │ └[+] type PodIdentityAssociation │ ├ documentation: A pod identity to associate with an add-on. │ │ name: PodIdentityAssociation │ └ properties │ ├ServiceAccount: string (required) │ └RoleArn: string (required) ├[~] service aws-mediaconnect │ └ resources │ └[~] resource AWS::MediaConnect::Flow │ └ types │ └[~] type Source │ └ properties │ ├ MaxLatency: - integer (default=2000) │ │ + integer │ └ MinLatency: - integer (default=2000) │ + integer ├[~] service aws-mediapackagev2 │ └ resources │ └[~] resource AWS::MediaPackageV2::OriginEndpoint │ ├ properties │ │ └[+] DashManifests: Array<DashManifestConfiguration> │ └ types │ ├[+] type DashManifestConfiguration │ │ ├ documentation: <p>Retrieve the DASH manifest configuration.</p> │ │ │ name: DashManifestConfiguration │ │ └ properties │ │ ├ManifestName: string (required) │ │ ├ManifestWindowSeconds: integer │ │ ├FilterConfiguration: FilterConfiguration │ │ ├MinUpdatePeriodSeconds: integer │ │ ├MinBufferTimeSeconds: integer │ │ ├SuggestedPresentationDelaySeconds: integer │ │ ├SegmentTemplateFormat: string │ │ ├PeriodTriggers: Array<string> │ │ ├ScteDash: ScteDash │ │ ├DrmSignaling: string │ │ └UtcTiming: DashUtcTiming │ ├[+] type DashUtcTiming │ │ ├ documentation: <p>Determines the type of UTC timing included in the DASH Media Presentation Description (MPD).</p> │ │ │ name: DashUtcTiming │ │ └ properties │ │ ├TimingMode: string │ │ └TimingSource: string │ └[+] type ScteDash │ ├ documentation: <p>The SCTE configuration.</p> │ │ name: ScteDash │ └ properties │ └AdMarkerDash: string ├[~] service aws-securityhub │ └ resources │ ├[+] resource AWS::SecurityHub::ConfigurationPolicy │ │ ├ name: ConfigurationPolicy │ │ │ cloudFormationType: AWS::SecurityHub::ConfigurationPolicy │ │ │ documentation: The AWS::SecurityHub::ConfigurationPolicy resource represents the Central Configuration Policy in your account. │ │ │ tagInformation: {"tagPropertyName":"Tags","variant":"map"} │ │ ├ properties │ │ │ ├Name: string (required) │ │ │ ├Description: string │ │ │ ├ConfigurationPolicy: Policy (required) │ │ │ └Tags: Map<string, string> │ │ ├ attributes │ │ │ ├Arn: string │ │ │ ├Id: string │ │ │ ├CreatedAt: string │ │ │ ├UpdatedAt: string │ │ │ └ServiceEnabled: boolean │ │ └ types │ │ ├type Policy │ │ │├ documentation: An object that defines how Security Hub is configured. │ │ ││ name: Policy │ │ │└ properties │ │ │ └SecurityHub: SecurityHubPolicy │ │ ├type SecurityHubPolicy │ │ │├ documentation: An object that defines how AWS Security Hub is configured. │ │ ││ name: SecurityHubPolicy │ │ │└ properties │ │ │ ├EnabledStandardIdentifiers: Array<string> │ │ │ ├ServiceEnabled: boolean │ │ │ └SecurityControlsConfiguration: SecurityControlsConfiguration │ │ ├type SecurityControlsConfiguration │ │ │├ documentation: An object that defines which security controls are enabled in an AWS Security Hub configuration policy. │ │ ││ name: SecurityControlsConfiguration │ │ │└ properties │ │ │ ├DisabledSecurityControlIdentifiers: Array<string> │ │ │ ├EnabledSecurityControlIdentifiers: Array<string> │ │ │ └SecurityControlCustomParameters: Array<SecurityControlCustomParameter> │ │ ├type SecurityControlCustomParameter │ │ │├ documentation: An object of security control and control parameter value that are included in a configuration policy. │ │ ││ name: SecurityControlCustomParameter │ │ │└ properties │ │ │ ├Parameters: Map<string, ParameterConfiguration> │ │ │ └SecurityControlId: string │ │ ├type ParameterConfiguration │ │ │├ documentation: An object that provides the current value of a security control parameter and identifies whether it has been customized. │ │ ││ name: ParameterConfiguration │ │ │└ properties │ │ │ ├ValueType: string (required) │ │ │ └Value: ParameterValue │ │ └type ParameterValue │ │ ├ documentation: An object that includes the data type of a security control parameter and its current value. │ │ │ name: ParameterValue │ │ └ properties │ │ ├Boolean: boolean │ │ ├Double: number │ │ ├Enum: string │ │ ├EnumList: Array<string> │ │ ├Integer: integer │ │ ├IntegerList: Array<integer> │ │ ├String: string │ │ └StringList: Array<string> │ ├[+] resource AWS::SecurityHub::FindingAggregator │ │ ├ name: FindingAggregator │ │ │ cloudFormationType: AWS::SecurityHub::FindingAggregator │ │ │ documentation: The AWS::SecurityHub::FindingAggregator resource represents the AWS Security Hub Finding Aggregator in your account. One finding aggregator resource is created for each account in non opt-in region in which you configure region linking mode. │ │ ├ properties │ │ │ ├RegionLinkingMode: string (required) │ │ │ └Regions: Array<string> │ │ └ attributes │ │ ├FindingAggregatorArn: string │ │ └FindingAggregationRegion: string │ ├[+] resource AWS::SecurityHub::OrganizationConfiguration │ │ ├ name: OrganizationConfiguration │ │ │ cloudFormationType: AWS::SecurityHub::OrganizationConfiguration │ │ │ documentation: The AWS::SecurityHub::OrganizationConfiguration resource represents the configuration of your organization in Security Hub. Only the Security Hub administrator account can create Organization Configuration resource in each region and can opt-in to Central Configuration only in the aggregation region of FindingAggregator. │ │ ├ properties │ │ │ ├AutoEnable: boolean (required) │ │ │ ├AutoEnableStandards: string │ │ │ └ConfigurationType: string │ │ └ attributes │ │ ├OrganizationConfigurationIdentifier: string │ │ ├Status: string │ │ ├StatusMessage: string │ │ └MemberAccountLimitReached: boolean │ └[+] resource AWS::SecurityHub::PolicyAssociation │ ├ name: PolicyAssociation │ │ cloudFormationType: AWS::SecurityHub::PolicyAssociation │ │ documentation: The AWS::SecurityHub::PolicyAssociation resource represents the AWS Security Hub Central Configuration Policy associations in your Target. Only the AWS Security Hub delegated administrator can create the resouce from the home region. │ ├ properties │ │ ├ConfigurationPolicyId: string (required) │ │ ├TargetId: string (required, immutable) │ │ └TargetType: string (required, immutable) │ └ attributes │ ├AssociationStatus: string │ ├AssociationType: string │ ├AssociationStatusMessage: string │ ├UpdatedAt: string │ └AssociationIdentifier: string └[~] service aws-securitylake └ resources ├[~] resource AWS::SecurityLake::Subscriber │ ├ properties │ │ └[-] Sources: Array<Source> (required) │ └ types │ ├[-] type AwsLogSource │ │ ├ documentation: Adds a natively supported AWS service as an Amazon Security Lake source. Enables source types for member accounts in required AWS Regions, based on the parameters you specify. You can choose any source type in any Region for either accounts that are part of a trusted organization or standalone accounts. Once you add an AWS service as a source, Security Lake starts collecting logs and events from it. │ │ │ name: AwsLogSource │ │ └ properties │ │ ├SourceName: string │ │ └SourceVersion: string │ ├[-] type CustomLogSource │ │ ├ documentation: Third-party custom log source that meets the requirements to be added to Amazon Security Lake . For more details, see [Custom log source](https://docs.aws.amazon.com//security-lake/latest/userguide/custom-sources.html#iam-roles-custom-sources) in the *Amazon Security Lake User Guide* . │ │ │ name: CustomLogSource │ │ └ properties │ │ ├SourceName: string │ │ └SourceVersion: string │ └[-] type Source │ ├ documentation: Sources are logs and events generated from a single system that match a specific event class in the Open Cybersecurity Schema Framework (OCSF) schema. Amazon Security Lake can collect logs and events from a variety of sources, including natively supported AWS services and third-party custom sources. │ │ name: Source │ └ properties │ ├AwsLogSource: AwsLogSource │ └CustomLogSource: CustomLogSource └[+] resource AWS::SecurityLake::SubscriberNotification ├ name: SubscriberNotification │ cloudFormationType: AWS::SecurityLake::SubscriberNotification │ documentation: Resource Type definition for AWS::SecurityLake::SubscriberNotification ├ properties │ └SubscriberArn: string (required, immutable) └ attributes └SubscriberEndpoint: string ```

…map (aws#30460) ### Issue # (if applicable) N/A ### Reason for this change The README.md currently points to a roadmap that is no longer in use. ### Description of changes Removing old roadmap reference and pointing to the proper roadmap location. ### Checklist - [ x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

…ce event properties by default (aws#30418) Closes aws#30121, aws#29949 ### Reason for this change PR aws#29648 introduced a new resource property `logApiResponseData`. This resource property is `true` by default which forces an update for `AwsCustomResource`. For users without `onUpdate` configured an empty data object is returned if no SDK call is configured. This can cause an attribute error if the user is depending on a data from a specific SDK call. ### Description of changes Made `logApiResponseData` undefined by default which will not trigger `onUpdate`. To maintain backwards compatibility with the original PR introducing `logApiResponseData` as true by default, I've also introduced a feature flag that will allow users to keep the current behavior so they aren't now forced into another `onUpdate` event. ### Description of how you validated changes Updated unit tests where `logApiResponseData` was added as a resource property. Added new unit test to verify that `logApiResponseData` could be added to the event. Updated unit tests that test `_render()` to ensure that the default case will result in an empty object. Updated integ tests. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

…aths for trigger" (aws#30462) Reverts aws#29127

### Issue # (if applicable) - Similar to aws#29040, this PR adds 1.30 support. - Update all existing integ tests for `V1_29` and make sure they deploy with `V1_30`. DependOn: - [x] cdklabs/awscdk-asset-kubectl#838 - [x] cdklabs/awscdk-asset-kubectl#860 Closes aws#30443 ### Reason for this change ### Description of changes ### Description of how you validated changes ```ts export class EksClusterLatestVersion extends Stack { constructor(scope: Construct, id: string, props: StackProps) { super(scope, id, props); const vpc = new ec2.Vpc(this, 'Vpc', { natGateways: 1 }); const mastersRole = new iam.Role(this, 'Role', { assumedBy: new iam.AccountRootPrincipal(), }); // create eks.Cluster of the latest k8s version new eks.Cluster(this, 'Cluster', { vpc, mastersRole, version: eks.KubernetesVersion.V1_30, kubectlLayer: new KubectlV30Layer(this, 'KubectlLayer'), defaultCapacity: 1, }); } } ``` $ kubectl get no NAME STATUS ROLES AGE VERSION ip-172-31-3-166.ec2.internal Ready <none> 5m38s v1.30.0-eks-036c24b ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

… jsiirc (aws#30461) ### Issue # (if applicable) Closes aws#28348 ### Reason for this change When we promote apigatewayv2 from experimental to stable module, we did not add `jsiirc.json` file, thus no documentation is created and the namespace for import is incorrect. ### Description of changes We cannot fix the namespace now as this is stable modules and there're customers using it. Fixing this would be a breaking change to users who use apigatewayv2 in `aws-cdk-lib`. ### Description of how you validated changes N/A ### Checklist - [ ] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

### Issue # (if applicable) Closes #<issue number here>. ### Reason for this change This is a minor refactor for preventing an Event Rule to have at most 5 associated targets defined during a synth. This is the main limit set by EventBridge https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-quota.html#eb-limits ### Description of changes This is a very simple change in `aws-events` module to check if the `targets` array length of an `Event` is greater than 5. If it is then it throws an Error during build time. ### Description of how you validated changes Added a unit test by in `rule.test.ts` by verifying an Error is being thrown when a Rule has more than 5 associated targets. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

Looks like we are comparing `LogFormat` to the `LoggingFormat` enum. This is not technically a problem for us because `LogFormat` is a string. We deprecated it and created `LoggingFormat` to enforce the enum. This conditional works because all the enums collapse to strings, but it is best if we sync up the properties with their correct enums. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

### Issue # (if applicable) Closes aws#30172. ### Reason for this change AWS Config supports for proactive evaluation mode but L2 construct cannot configure it. ### Description of changes - Define `EvaluationMode` class - Add `evaluationModes` prop to `RuleProps` ```ts new config.ManagedRule(stack, 'ManagedRule', { identifier: config.ManagedRuleIdentifiers.API_GW_XRAY_ENABLED, evaluationModes: config.EvaluationMode.DETECTIVE_AND_PROACTIVE, // add }); ``` ### Description of how you validated changes Add both unit and integ tests. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

… is more strict than it should be (aws#30237) 1. fix the event source validation 2. move the validation from renderEntries() to validateEntries() 3. add unit tests ### Issue # (if applicable) Closes aws#30191 ### Reason for this change ### Description of changes ### Description of how you validated changes ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

### Reason for this change Add support for newly supported `8.0.mysql_aurora.3.07.0`. https://docs.aws.amazon.com/AmazonRDS/latest/AuroraMySQLReleaseNotes/AuroraMySQL.Updates.3070.html ### Description of changes Add a new version as a new property to `AuroraMysqlEngineVersion` class. ### Description of how you validated changes I used the AWS CLI to verify that the new version is available. ```bash aws rds describe-db-engine-versions --engine aurora-mysql --query "DBEngineVersions[?EngineVersion=='8.0.mysql_aurora.3.07.0']" [ { "Engine": "aurora-mysql", "EngineVersion": "8.0.mysql_aurora.3.07.0", "DBParameterGroupFamily": "aurora-mysql8.0", "DBEngineDescription": "Aurora MySQL", "DBEngineVersionDescription": "Aurora MySQL 3.07.0 (compatible with MySQL 8.0.36)", "ValidUpgradeTarget": [], "ExportableLogTypes": [ "audit", "error", "general", "slowquery" ], "SupportsLogExportsToCloudwatchLogs": true, "SupportsReadReplica": false, "SupportedEngineModes": [ "provisioned" ], "SupportedFeatureNames": [ "Bedrock" ], "Status": "available", "SupportsParallelQuery": true, "SupportsGlobalDatabases": true, "MajorEngineVersion": "8.0", "SupportsBabelfish": false, "SupportsLimitlessDatabase": false, "SupportsCertificateRotationWithoutRestart": true, "SupportedCACertificateIdentifiers": [ "rds-ca-2019", "rds-ca-ecc384-g1", "rds-ca-rsa4096-g1", "rds-ca-rsa2048-g1" ], "SupportsLocalWriteForwarding": true, "SupportsIntegrations": true } ] ``` Hopefully this will be automated in the future. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

Updates the L1 CloudFormation resource definitions with the latest changes from `@aws-cdk/aws-service-spec` **L1 CloudFormation resource definition changes:** ``` ├[~] service aws-autoscaling │ └ resources │ └[~] resource AWS::AutoScaling::ScalingPolicy │ └ types │ ├[~] type CustomizedMetricSpecification │ │ └ properties │ │ ├ MetricName: - string (required) │ │ │ + string │ │ ├[+] Metrics: Array<TargetTrackingMetricDataQuery> │ │ ├ Namespace: - string (required) │ │ │ + string │ │ └ Statistic: - string (required) │ │ + string │ ├[+] type TargetTrackingMetricDataQuery │ │ ├ name: TargetTrackingMetricDataQuery │ │ └ properties │ │ ├Label: string │ │ ├MetricStat: TargetTrackingMetricStat │ │ ├Id: string (required) │ │ ├ReturnData: boolean │ │ └Expression: string │ └[+] type TargetTrackingMetricStat │ ├ name: TargetTrackingMetricStat │ └ properties │ ├Metric: Metric (required) │ ├Stat: string (required) │ └Unit: string ├[~] service aws-connect │ └ resources │ └[~] resource AWS::Connect::Rule │ └ types │ ├[~] type Actions │ │ └ properties │ │ └[+] SubmitAutoEvaluationActions: Array<SubmitAutoEvaluationAction> │ └[+] type SubmitAutoEvaluationAction │ ├ documentation: The definition of submit auto evaluation action. │ │ name: SubmitAutoEvaluationAction │ └ properties │ └EvaluationFormArn: string (required) ├[~] service aws-ec2 │ └ resources │ └[~] resource AWS::EC2::TransitGatewayRoute ├[~] service aws-ecs │ └ resources │ └[~] resource AWS::ECS::Cluster │ └ types │ ├[~] type ClusterConfiguration │ │ └ properties │ │ └[+] ManagedStorageConfiguration: ManagedStorageConfiguration │ └[+] type ManagedStorageConfiguration │ ├ name: ManagedStorageConfiguration │ └ properties │ ├FargateEphemeralStorageKmsKeyId: string │ └KmsKeyId: string ├[~] service aws-pipes │ └ resources │ └[~] resource AWS::Pipes::Pipe │ └ types │ ├[+] type DimensionMapping │ │ ├ name: DimensionMapping │ │ └ properties │ │ ├DimensionValue: string (required) │ │ ├DimensionValueType: string (required) │ │ └DimensionName: string (required) │ ├[+] type MultiMeasureAttributeMapping │ │ ├ name: MultiMeasureAttributeMapping │ │ └ properties │ │ ├MeasureValue: string (required) │ │ ├MeasureValueType: string (required) │ │ └MultiMeasureAttributeName: string (required) │ ├[+] type MultiMeasureMapping │ │ ├ name: MultiMeasureMapping │ │ └ properties │ │ ├MultiMeasureName: string (required) │ │ └MultiMeasureAttributeMappings: Array<MultiMeasureAttributeMapping> (required) │ ├[~] type PipeTargetParameters │ │ └ properties │ │ └[+] TimestreamParameters: PipeTargetTimestreamParameters │ ├[+] type PipeTargetTimestreamParameters │ │ ├ name: PipeTargetTimestreamParameters │ │ └ properties │ │ ├TimeValue: string (required) │ │ ├EpochTimeUnit: string │ │ ├TimeFieldType: string │ │ ├TimestampFormat: string │ │ ├VersionValue: string (required) │ │ ├DimensionMappings: Array<DimensionMapping> (required) │ │ ├SingleMeasureMappings: Array<SingleMeasureMapping> │ │ └MultiMeasureMappings: Array<MultiMeasureMapping> │ └[+] type SingleMeasureMapping │ ├ name: SingleMeasureMapping │ └ properties │ ├MeasureValue: string (required) │ ├MeasureValueType: string (required) │ └MeasureName: string (required) ├[~] service aws-rolesanywhere │ └ resources │ └[~] resource AWS::RolesAnywhere::Profile │ ├ properties │ │ └[+] AttributeMappings: Array<AttributeMapping> │ └ types │ ├[+] type AttributeMapping │ │ ├ name: AttributeMapping │ │ └ properties │ │ ├MappingRules: Array<MappingRule> (required) │ │ └CertificateField: string (required) │ └[+] type MappingRule │ ├ name: MappingRule │ └ properties │ └Specifier: string (required) └[~] service aws-securitylake └ resources └[~] resource AWS::SecurityLake::DataLake └ properties └ MetaStoreManagerRoleArn: - string (immutable) + string ```

### Issue # (if applicable) Closes aws#29049. ### Reason for this change Allow the Topic construct to expose a method to grant subscription permissions to a grantable resource. It's useful when you want to allow entities, such as another AWS account or resources created later, to subscribe to the topic at their own pace, separating permission granting from the actual subscription process. ### Description of changes Add grantSubscribe method to ITopic interface and TopicBase class. ### Description of how you validated changes Add unit tests and integ tests. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

### Issue # (if applicable) N/A ### Reason for this change Cluster can be upgraded/created to Postgres 15.6 via the console/CLI but not CDK. ### Description of changes Adds support for Postgres 15.6 Aurora cluster, 15.5 instances are already supported. ### Description of how you validated changes N/A ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

…#30351) ### Issue # (if applicable) N/A ### Reason for this change AppRunner supported Dual Stack. https://aws.amazon.com/about-aws/whats-new/2023/11/aws-app-runner-supports-ipv6-public-inbound-traffic/?nc1=h_ls But current L2 Construct (alpha module) does not support it. ### Description of changes Add ipAddressType property to the Service class ### Description of how you validated changes Add unit tests and integ tests. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

…into fix-cf-fn-name

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

fix(cloudfront): make long function name deterministic #30392

fix(cloudfront): make long function name deterministic #30392

Commits on May 30, 2024

Commits on Jun 3, 2024

Commits on Jun 6, 2024

Commits on Jun 10, 2024

Commits on Jun 11, 2024