chore(release): 2.56.0 (#23428)

See [CHANGELOG](https://github.com/aws/aws-cdk/blob/bump/2.56.0/CHANGELOG.md)

CHANGELOG.v2.alpha.md

@@ -2,6 +2,14 @@
 
 All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
 
+## [2.56.0-alpha.0](https://github.com/aws/aws-cdk/compare/v2.55.1-alpha.0...v2.56.0-alpha.0) (2022-12-21)
+
+
+### Features
+
+* **integ-tests:** add serializedJson on match utility ([#23218](https://github.com/aws/aws-cdk/issues/23218)) ([1a62dc4](https://github.com/aws/aws-cdk/commit/1a62dc4590d725d3c03861af434a24789eaa0a2e))
+* **servicecatalogappregistry:** Cross region warning and default application tag ([#23412](https://github.com/aws/aws-cdk/issues/23412)) ([8d359ae](https://github.com/aws/aws-cdk/commit/8d359ae35877ce066e419f7e2e7da2b0deb587e6))
+
 ## [2.55.1-alpha.0](https://github.com/aws/aws-cdk/compare/v2.55.0-alpha.0...v2.55.1-alpha.0) (2022-12-16)
 
 ## [2.55.0-alpha.0](https://github.com/aws/aws-cdk/compare/v2.54.0-alpha.0...v2.55.0-alpha.0) (2022-12-14)

CHANGELOG.v2.md

@@ -2,6 +2,29 @@
 
 All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
 
+## [2.56.0](https://github.com/aws/aws-cdk/compare/v2.55.1...v2.56.0) (2022-12-21)
+
+
+### Features
+
+* **aws-cognito:** add AuthSessionValidity property on a UserPoolClient ([#23040](https://github.com/aws/aws-cdk/issues/23040)) ([8896fb9](https://github.com/aws/aws-cdk/commit/8896fb902ad9c8d91a5ddb63df64963186bd09e1)), closes [#22854](https://github.com/aws/aws-cdk/issues/22854)
+* **cfnspec:** cloudformation spec v102.0.0 ([#23372](https://github.com/aws/aws-cdk/issues/23372)) ([480b0a5](https://github.com/aws/aws-cdk/commit/480b0a5098e51248bbf36ebf2bcec57cc791c2b0))
+* **core:** CfnResource dependency methods ([#23383](https://github.com/aws/aws-cdk/issues/23383)) ([ecedb00](https://github.com/aws/aws-cdk/commit/ecedb00ee3a3cfcaa2564a679fa635aff38f32d8)), closes [#20419](https://github.com/aws/aws-cdk/issues/20419) [#20418](https://github.com/aws/aws-cdk/issues/20418)
+* **lambda:** expose all docker run options to container bundling of all lambda variants ([#23318](https://github.com/aws/aws-cdk/issues/23318)) ([02d0876](https://github.com/aws/aws-cdk/commit/02d0876bbb196e9fbeb32d977e7cf65229c8559d)), closes [#22829](https://github.com/aws/aws-cdk/issues/22829)
+* **trigger:** Allow trigger to work with Lambda functions with long timeouts ([#23062](https://github.com/aws/aws-cdk/issues/23062)) ([9fd3811](https://github.com/aws/aws-cdk/commit/9fd3811b3213a227b84d79348e635a520fc537c7)), closes [#23058](https://github.com/aws/aws-cdk/issues/23058)
+
+
+### Bug Fixes
+
+* **apigateway:** allow multi-level base path mapping ([#23362](https://github.com/aws/aws-cdk/issues/23362)) ([86b6c6f](https://github.com/aws/aws-cdk/commit/86b6c6f796cbd15b7c53a4c0482a2b189d45300f)), closes [#23347](https://github.com/aws/aws-cdk/issues/23347)
+* **autoscaling:** Allow adding AutoScalingGroup to multiple target groups ([#23044](https://github.com/aws/aws-cdk/issues/23044)) ([07acd18](https://github.com/aws/aws-cdk/commit/07acd180d778b7084d8519234cfc3570bb8846ba)), closes [/github.com/aws/aws-cdk/issues/5667#issuecomment-636657482](https://github.com/aws//github.com/aws/aws-cdk/issues/5667/issues/issuecomment-636657482) [#5667](https://github.com/aws/aws-cdk/issues/5667)
+* **aws-eks:** fail to update both logging and access at the same time ([#22957](https://github.com/aws/aws-cdk/issues/22957)) ([606837d](https://github.com/aws/aws-cdk/commit/606837d3de5d048e3fb1674c30a3048e918f680a))
+* **cognito:** quote or mime-encode `fromName` to comply RFC 5322 ([#23227](https://github.com/aws/aws-cdk/issues/23227)) ([78d474a](https://github.com/aws/aws-cdk/commit/78d474a12bce7805f88be96df926149c130bf513)), closes [#18903](https://github.com/aws/aws-cdk/issues/18903) [/www.rfc-editor.org/rfc/rfc5322#section-3](https://github.com/aws//www.rfc-editor.org/rfc/rfc5322/issues/section-3)
+* **core:** cross region ssm writer update ([#23356](https://github.com/aws/aws-cdk/issues/23356)) ([87bd42d](https://github.com/aws/aws-cdk/commit/87bd42d41f11667aef673d9087c28cecedb87f66))
+* **dynamodb:** add kms permissions to grantStreamRead ([#23400](https://github.com/aws/aws-cdk/issues/23400)) ([fcf1bfa](https://github.com/aws/aws-cdk/commit/fcf1bfaab173ee57bbf64d95be62bf10cbb1b851)), closes [40aws-cdk/aws-dynamodb/lib/table.ts#L1025-L1061](https://github.com/40aws-cdk/aws-dynamodb/lib/table.ts/issues/L1025-L1061)
+* **s3-deployment:** source markers missing when there are multiple sources ([#23364](https://github.com/aws/aws-cdk/issues/23364)) ([8a7ec37](https://github.com/aws/aws-cdk/commit/8a7ec37e0085e952b59bebab1ecc880167a0691f)), closes [#23321](https://github.com/aws/aws-cdk/issues/23321) [40aws-cdk/aws-s3-deployment/lib/lambda/index.py#L64](https://github.com/40aws-cdk/aws-s3-deployment/lib/lambda/index.py/issues/L64) [40aws-cdk/aws-s3-deployment/lib/lambda/index.py#L137](https://github.com/40aws-cdk/aws-s3-deployment/lib/lambda/index.py/issues/L137)
+* **timestream:** magneticStoreWriteProperties and retentionProperties  not working as Json ([#23425](https://github.com/aws/aws-cdk/issues/23425)) ([b705224](https://github.com/aws/aws-cdk/commit/b7052242fb699ba89603ae718ae2d6b0ab9efa6f)), closes [#23404](https://github.com/aws/aws-cdk/issues/23404)
+
 ## [2.55.1](https://github.com/aws/aws-cdk/compare/v2.55.0...v2.55.1) (2022-12-16)
 
 

packages/@aws-cdk/aws-apigateway/lib/base-path-mapping.ts

@@ -56,8 +56,14 @@ export class BasePathMapping extends Resource {
     super(scope, id);
 
     if (props.basePath && !Token.isUnresolved(props.basePath)) {
-      if (!props.basePath.match(/^[a-zA-Z0-9$_.+!*'()-]+$/)) {
-        throw new Error(`A base path may only contain letters, numbers, and one of "$-_.+!*'()", received: ${props.basePath}`);
+      if (props.basePath.startsWith('/') || props.basePath.endsWith('/')) {
+        throw new Error(`A base path cannot start or end with /", received: ${props.basePath}`);
+      }
+      if (props.basePath.match(/\/{2,}/)) {
+        throw new Error(`A base path cannot have more than one consecutive /", received: ${props.basePath}`);
+      }
+      if (!props.basePath.match(/^[a-zA-Z0-9$_.+!*'()-/]+$/)) {
+        throw new Error(`A base path may only contain letters, numbers, and one of "$-_.+!*'()/", received: ${props.basePath}`);
       }
     }
 

packages/@aws-cdk/aws-apigateway/test/base-path-mapping.test.ts

@@ -8,7 +8,7 @@ describe('BasePathMapping', () => {
     // GIVEN
     const stack = new cdk.Stack();
     const api = new apigw.RestApi(stack, 'MyApi');
-    api.root.addMethod('GET'); // api must have atleast one method.
+    api.root.addMethod('GET'); // api must have at least one method.
     const domain = new apigw.DomainName(stack, 'MyDomain', {
       domainName: 'example.com',
       certificate: acm.Certificate.fromCertificateArn(stack, 'cert', 'arn:aws:acm:us-east-1:1111111:certificate/11-3336f1-44483d-adc7-9cd375c5169d'),
@@ -33,7 +33,7 @@ describe('BasePathMapping', () => {
     // GIVEN
     const stack = new cdk.Stack();
     const api = new apigw.RestApi(stack, 'MyApi');
-    api.root.addMethod('GET'); // api must have atleast one method.
+    api.root.addMethod('GET'); // api must have at least one method.
     const domain = new apigw.DomainName(stack, 'MyDomain', {
       domainName: 'example.com',
       certificate: acm.Certificate.fromCertificateArn(stack, 'cert', 'arn:aws:acm:us-east-1:1111111:certificate/11-3336f1-44483d-adc7-9cd375c5169d'),
@@ -53,19 +53,43 @@ describe('BasePathMapping', () => {
     });
   });
 
-  test('throw error for invalid basePath property', () => {
+  test('specify multi-level basePath property', () => {
     // GIVEN
     const stack = new cdk.Stack();
     const api = new apigw.RestApi(stack, 'MyApi');
-    api.root.addMethod('GET'); // api must have atleast one method.
+    api.root.addMethod('GET'); // api must have at least one method.
     const domain = new apigw.DomainName(stack, 'MyDomain', {
       domainName: 'example.com',
       certificate: acm.Certificate.fromCertificateArn(stack, 'cert', 'arn:aws:acm:us-east-1:1111111:certificate/11-3336f1-44483d-adc7-9cd375c5169d'),
       endpointType: apigw.EndpointType.REGIONAL,
     });
 
     // WHEN
-    const invalidBasePath = '/invalid-/base-path';
+    new apigw.BasePathMapping(stack, 'MyBasePath', {
+      restApi: api,
+      domainName: domain,
+      basePath: 'api/v1/example',
+    });
+
+    // THEN
+    Template.fromStack(stack).hasResourceProperties('AWS::ApiGateway::BasePathMapping', {
+      BasePath: 'api/v1/example',
+    });
+  });
+
+  test('throws when basePath contains an invalid character', () => {
+    // GIVEN
+    const stack = new cdk.Stack();
+    const api = new apigw.RestApi(stack, 'MyApi');
+    api.root.addMethod('GET'); // api must have at least one method.
+    const domain = new apigw.DomainName(stack, 'MyDomain', {
+      domainName: 'example.com',
+      certificate: acm.Certificate.fromCertificateArn(stack, 'cert', 'arn:aws:acm:us-east-1:1111111:certificate/11-3336f1-44483d-adc7-9cd375c5169d'),
+      endpointType: apigw.EndpointType.REGIONAL,
+    });
+
+    // WHEN
+    const invalidBasePath = 'invalid-/base-path?';
 
     // THEN
     expect(() => {
@@ -77,11 +101,83 @@ describe('BasePathMapping', () => {
     }).toThrowError(/base path may only contain/);
   });
 
+  test('throw error for basePath starting with /', () => {
+    // GIVEN
+    const stack = new cdk.Stack();
+    const api = new apigw.RestApi(stack, 'MyApi');
+    api.root.addMethod('GET'); // api must have at least one method.
+    const domain = new apigw.DomainName(stack, 'MyDomain', {
+      domainName: 'example.com',
+      certificate: acm.Certificate.fromCertificateArn(stack, 'cert', 'arn:aws:acm:us-east-1:1111111:certificate/11-3336f1-44483d-adc7-9cd375c5169d'),
+      endpointType: apigw.EndpointType.REGIONAL,
+    });
+
+    // WHEN
+    const invalidBasePath = '/invalid-base-path';
+
+    // THEN
+    expect(() => {
+      new apigw.BasePathMapping(stack, 'MyBasePath', {
+        restApi: api,
+        domainName: domain,
+        basePath: invalidBasePath,
+      });
+    }).toThrowError(/A base path cannot start or end with/);
+  });
+
+  test('throw error for basePath ending with /', () => {
+    // GIVEN
+    const stack = new cdk.Stack();
+    const api = new apigw.RestApi(stack, 'MyApi');
+    api.root.addMethod('GET'); // api must have at least one method.
+    const domain = new apigw.DomainName(stack, 'MyDomain', {
+      domainName: 'example.com',
+      certificate: acm.Certificate.fromCertificateArn(stack, 'cert', 'arn:aws:acm:us-east-1:1111111:certificate/11-3336f1-44483d-adc7-9cd375c5169d'),
+      endpointType: apigw.EndpointType.REGIONAL,
+    });
+
+    // WHEN
+    const invalidBasePath = 'invalid-base-path/';
+
+    // THEN
+    expect(() => {
+      new apigw.BasePathMapping(stack, 'MyBasePath', {
+        restApi: api,
+        domainName: domain,
+        basePath: invalidBasePath,
+      });
+    }).toThrowError(/A base path cannot start or end with/);
+  });
+
+  test('throw error for basePath containing more than one consecutive /', () => {
+    // GIVEN
+    const stack = new cdk.Stack();
+    const api = new apigw.RestApi(stack, 'MyApi');
+    api.root.addMethod('GET'); // api must have at least one method.
+    const domain = new apigw.DomainName(stack, 'MyDomain', {
+      domainName: 'example.com',
+      certificate: acm.Certificate.fromCertificateArn(stack, 'cert', 'arn:aws:acm:us-east-1:1111111:certificate/11-3336f1-44483d-adc7-9cd375c5169d'),
+      endpointType: apigw.EndpointType.REGIONAL,
+    });
+
+    // WHEN
+    const invalidBasePath = 'in//valid-base-path';
+
+    // THEN
+    expect(() => {
+      new apigw.BasePathMapping(stack, 'MyBasePath', {
+        restApi: api,
+        domainName: domain,
+        basePath: invalidBasePath,
+      });
+    }).toThrowError(/A base path cannot have more than one consecutive \//);
+  });
+
   test('specify stage property', () => {
     // GIVEN
     const stack = new cdk.Stack();
     const api = new apigw.RestApi(stack, 'MyApi');
-    api.root.addMethod('GET'); // api must have atleast one method.
+    api.root.addMethod('GET'); // api must have at least one method.
     const domain = new apigw.DomainName(stack, 'MyDomain', {
       domainName: 'example.com',
       certificate: acm.Certificate.fromCertificateArn(stack, 'cert', 'arn:aws:acm:us-east-1:1111111:certificate/11-3336f1-44483d-adc7-9cd375c5169d'),
@@ -111,7 +207,7 @@ describe('BasePathMapping', () => {
     // GIVEN
     const stack = new cdk.Stack();
     const api = new apigw.RestApi(stack, 'MyApi');
-    api.root.addMethod('GET'); // api must have atleast one method.
+    api.root.addMethod('GET'); // api must have at least one method.
     const domain = new apigw.DomainName(stack, 'MyDomain', {
       domainName: 'example.com',
       certificate: acm.Certificate.fromCertificateArn(stack, 'cert', 'arn:aws:acm:us-east-1:1111111:certificate/11-3336f1-44483d-adc7-9cd375c5169d'),

packages/@aws-cdk/aws-apigateway/test/integ.base-path-mapping.js.snapshot/manifest.json

@@ -81,6 +81,12 @@
             "data": "MappingTwo551C79ED"
           }
         ],
+        "/test-stack/MappingThree/Resource": [
+          {
+            "type": "aws:cdk:logicalId",
+            "data": "MappingThree36BBA1B6"
+          }
+        ],
         "/test-stack/BootstrapVersion": [
           {
             "type": "aws:cdk:logicalId",

packages/@aws-cdk/aws-apigateway/test/integ.base-path-mapping.js.snapshot/test-stack.template.json

@@ -70,6 +70,16 @@
      "Ref": "ApiF70053CD"
     }
    }
+  },
+  "MappingThree36BBA1B6": {
+   "Type": "AWS::ApiGateway::BasePathMapping",
+   "Properties": {
+    "DomainName": "domainName",
+    "BasePath": "api/v1/multi-level-path",
+    "RestApiId": {
+     "Ref": "ApiF70053CD"
+    }
+   }
   }
  },
  "Outputs": {

packages/@aws-cdk/aws-apigateway/test/integ.base-path-mapping.js.snapshot/tree.json

@@ -217,6 +217,34 @@
               "fqn": "@aws-cdk/aws-apigateway.BasePathMapping",
               "version": "0.0.0"
             }
+          },
+          "MappingThree": {
+            "id": "MappingThree",
+            "path": "test-stack/MappingThree",
+            "children": {
+              "Resource": {
+                "id": "Resource",
+                "path": "test-stack/MappingThree/Resource",
+                "attributes": {
+                  "aws:cdk:cloudformation:type": "AWS::ApiGateway::BasePathMapping",
+                  "aws:cdk:cloudformation:props": {
+                    "domainName": "domainName",
+                    "basePath": "path",
+                    "restApiId": {
+                      "Ref": "ApiF70053CD"
+                    }
+                  }
+                },
+                "constructInfo": {
+                  "fqn": "@aws-cdk/aws-apigateway.CfnBasePathMapping",
+                  "version": "0.0.0"
+                }
+              }
+            },
+            "constructInfo": {
+              "fqn": "@aws-cdk/aws-apigateway.BasePathMapping",
+              "version": "0.0.0"
+            }
           }
         },
         "constructInfo": {

packages/@aws-cdk/aws-apigateway/test/integ.base-path-mapping.ts

@@ -27,6 +27,13 @@ export class TestStack extends cdk.Stack {
       basePath: 'path',
       attachToStage: false,
     });
+
+    new apigateway.BasePathMapping(this, 'MappingThree', {
+      domainName,
+      restApi,
+      basePath: 'api/v1/multi-level-path',
+      attachToStage: false,
+    });
   }
 }
 

packages/@aws-cdk/aws-appsync/lib/appsync-function.ts

@@ -142,7 +142,7 @@ export class AppsyncFunction extends Resource implements IAppsyncFunction {
     this.functionId = this.function.attrFunctionId;
     this.dataSource = props.dataSource;
 
-    this.function.addDependsOn(this.dataSource.ds);
+    this.function.addDependency(this.dataSource.ds);
     props.api.addSchemaDependency(this.function);
   }
-}
+}

packages/@aws-cdk/aws-appsync/lib/graphqlapi.ts

@@ -518,15 +518,15 @@ export class GraphqlApi extends GraphqlApiBase {
         apiId: this.apiId,
       });
 
-      domainNameAssociation.addDependsOn(this.domainNameResource);
+      domainNameAssociation.addDependency(this.domainNameResource);
     }
 
     if (modes.some((mode) => mode.authorizationType === AuthorizationType.API_KEY)) {
       const config = modes.find((mode: AuthorizationMode) => {
         return mode.authorizationType === AuthorizationType.API_KEY && mode.apiKeyConfig;
       })?.apiKeyConfig;
       this.apiKeyResource = this.createAPIKey(config);
-      this.apiKeyResource.addDependsOn(this.schemaResource);
+      this.apiKeyResource.addDependency(this.schemaResource);
       this.apiKey = this.apiKeyResource.attrApiKey;
     }
 
@@ -631,7 +631,7 @@ export class GraphqlApi extends GraphqlApiBase {
    * @param construct the dependee
    */
   public addSchemaDependency(construct: CfnResource): boolean {
-    construct.addDependsOn(this.schemaResource);
+    construct.addDependency(this.schemaResource);
     return true;
   }
 

packages/@aws-cdk/aws-appsync/lib/resolver.ts

@@ -122,7 +122,7 @@ export class Resolver extends Construct {
     });
     props.api.addSchemaDependency(this.resolver);
     if (props.dataSource) {
-      this.resolver.addDependsOn(props.dataSource.ds);
+      this.resolver.addDependency(props.dataSource.ds);
     }
     this.arn = this.resolver.attrResolverArn;
   }

packages/@aws-cdk/aws-autoscaling/lib/auto-scaling-group.ts

@@ -985,6 +985,7 @@ abstract class AutoScalingGroupBase extends Resource implements IAutoScalingGrou
   public abstract readonly osType: ec2.OperatingSystemType;
   protected albTargetGroup?: elbv2.ApplicationTargetGroup;
   public readonly grantPrincipal: iam.IPrincipal = new iam.UnknownPrincipal({ resource: this });
+  protected hasCalledScaleOnRequestCount: boolean = false;
 
   /**
    * Send a message to either an SQS queue or SNS topic when instances launch or terminate
@@ -1088,6 +1089,7 @@ abstract class AutoScalingGroupBase extends Resource implements IAutoScalingGrou
     });
 
     policy.node.addDependency(this.albTargetGroup.loadBalancerAttached);
+    this.hasCalledScaleOnRequestCount = true;
     return policy;
   }
 
@@ -1388,6 +1390,8 @@ export class AutoScalingGroup extends AutoScalingGroupBase implements
     if (props.requireImdsv2) {
       Aspects.of(this).add(new AutoScalingGroupRequireImdsv2Aspect());
     }
+
+    this.node.addValidation({ validate: () => this.validateTargetGroup() });
   }
 
   /**
@@ -1415,10 +1419,6 @@ export class AutoScalingGroup extends AutoScalingGroupBase implements
    * Attach to ELBv2 Application Target Group
    */
   public attachToApplicationTargetGroup(targetGroup: elbv2.IApplicationTargetGroup): elbv2.LoadBalancerTargetProps {
-    if (this.albTargetGroup !== undefined) {
-      throw new Error('Cannot add AutoScalingGroup to 2nd Target Group');
-    }
-
     this.targetGroupArns.push(targetGroup.targetGroupArn);
     if (targetGroup instanceof elbv2.ApplicationTargetGroup) {
       // Copy onto self if it's a concrete type. We need this for autoscaling
@@ -1765,6 +1765,16 @@ export class AutoScalingGroup extends AutoScalingGroupBase implements
       };
     }
   }
+
+
+  private validateTargetGroup(): string[] {
+    const errors = new Array<string>();
+    if (this.hasCalledScaleOnRequestCount && this.targetGroupArns.length > 1) {
+      errors.push('Cannon use multiple target groups if `scaleOnRequestCount()` is being used.');
+    }
+
+    return errors;
+  }
 }
 
 /**