chore(release): 2.47.0 #22578
Merged
chore(release): 2.47.0 #22578
+14,317
−1,571
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
I found a vpc endpoint that could not be configured. I found one vpc endpoint that could not be configured and added it.
- This was too many, so I configured "one endpoint for each service".
- I added a docstring because I get the following error during build
`error: [awslint:docs-public-apis:@aws-cdk/aws-ec2.InterfaceVpcEndpointAwsService.APPLICATION_MIGRATION_SERVICE] Public API element must have a docstring`
- I will add chore commits to the existing ones when there is room somewhere.
----
### All Submissions:
* [x] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md)
### Adding new Unconventional Dependencies:
* [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md/#adding-new-unconventional-dependencies)
### New Features
* [ ] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/main/INTEGRATION_TESTS.md)?
* [ ] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)?
*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…a policy statement (#21906) ## Bug Description The validation for actions/nonActions currently only exists in the constructor of the PolicyStatement class as shown below - https://github.com/aws/aws-cdk/blob/56ba2ab2c2d9240b76ece17c3296488a63f0b232/packages/%40aws-cdk/aws-iam/lib/policy-statement.ts#L88-L95 The above validation is missing when we add an action/nonAction post instantiation of the IAM policy statement leading to discrepancy in the behaviour. The following snippet doesn't throw any error - ```typescript const statement = new iam.PolicyStatement({ resources: ['*'] }); statement.addActions('action'); statement.addNonActions('nonaction'); ``` ## Solution - Refactored the validation in the constructor into a separate private method called `validatePolicyActions()` - Executing this new validation method in the `addActions()` and `addNonActions()` - Fixed existing unit tests which assumed the above behaviour fixes #21821 ---- ### All Submissions: * [x] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [ ] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/main/INTEGRATION_TESTS.md)? * [ ] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
feat(config) #21441 I have created a `new config.CustomPolicy` so that this functionality is available in L2 Constructs. The resources that can currently be created with `AWS::Config::ConfigRule` can be created with `config.CustomRule` and `config.ManagedRule` in the CDK. This is because the restrictions on the various properties are different. CustomPolicy has different constraints compared to CustomRule as follows. - There is a restriction on the format that can be selected in `SourceDetails`. - [docs](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-config-configrule-source.html) - Properties that refer to Lambda are unnecessary. - `CustomPolicyDetails` must be specified. - [docs](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-config-configrule-source-sourcedetails.html) To avoid this limitation and complexity, `CustomPolicy` can be separated, making it more convenient for users. It also reduces the dependence on each rule type for updates during maintenance. ---- ### All Submissions: * [x] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [x] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [x] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/main/INTEGRATION_TESTS.md)? * [x] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…with `$[` (#22472) `JsonPath.listAt` doest not accept strings starting with `$[`. When going through a parallel task, the result is an array and to work with it, it needs to be referenced through strings starting with `$[` This problem particularly affects cases where we want to work with String Sets in DynamoDB where the `DynamoAttributeValue.fromStringSet` function expects an array via the `JsonPath.listAt` function Closes #22471 ---- ### All Submissions: * [x] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [x] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/main/INTEGRATION_TESTS.md)? * [x] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…luster (#22499) Allows users to enable enhanced VPC routing when creating a Redshift cluster. ---- ### All Submissions: * [x] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [x] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/main/INTEGRATION_TESTS.md)? * [x] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…22510) For this integration test, we want to include the asset hash in the diff. Because the asset is the only thing that ever changes! On a minor version update of the awscli, we should make sure that the Layer still deploys and has awscli installed correctly. ---- ### All Submissions: * [x] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [x] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/main/INTEGRATION_TESTS.md)? * [x] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Bumps [hmarr/auto-approve-action](https://github.com/hmarr/auto-approve-action) from 2.4.0 to 3.0.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/hmarr/auto-approve-action/releases">hmarr/auto-approve-action's releases</a>.</em></p> <blockquote> <h2>v3.0.0</h2> <h2>What's Changed</h2> <ul> <li>Update actions runner node install to v16 by <a href="https://github.com/lelia"><code>@lelia</code></a> in <a href="https://github-redirect.dependabot.com/hmarr/auto-approve-action/pull/205">hmarr/auto-approve-action#205</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/hmarr/auto-approve-action/compare/v2.4.0...v3.0.0">https://github.com/hmarr/auto-approve-action/compare/v2.4.0...v3.0.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/hmarr/auto-approve-action/commit/a2e6f2a0ccf5c63ef8754de360464edbf47e66ee"><code>a2e6f2a</code></a> Update actions runner node install to v16 (<a href="https://github-redirect.dependabot.com/hmarr/auto-approve-action/issues/205">#205</a>)</li> <li><a href="https://github.com/hmarr/auto-approve-action/commit/0474e12818d98665ba0fb2001ef8fb33704cdf80"><code>0474e12</code></a> Start v3 branch</li> <li><a href="https://github.com/hmarr/auto-approve-action/commit/b40d6c9ed2fa10c9a2749eca7eb004418a705501"><code>b40d6c9</code></a> Promote <code>if</code> to job level (<a href="https://github-redirect.dependabot.com/hmarr/auto-approve-action/issues/204">#204</a>)</li> <li><a href="https://github.com/hmarr/auto-approve-action/commit/b0011f5689ebf3715c5156d34498fde052693a67"><code>b0011f5</code></a> Add note about Dependabot and secrets access</li> <li><a href="https://github.com/hmarr/auto-approve-action/commit/1cac024a6522bc746ff2796dffd4537db1f37425"><code>1cac024</code></a> Specify scope required for PAT in README</li> <li>See full diff in <a href="https://github.com/hmarr/auto-approve-action/compare/v2.4.0...v3.0.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
This PR adds support for multi-level paths in api mappings for custom domains. This is a unique case because in order to create multi-level mappings for RestApis (ApiGateway v1) you have to use the ApiGateway v2 API. The aws-apigatewayv2 package is currently an alpha module so this cannot depend on that module which is why I used the L1 level to implement this support. I thought about deprecating the v1 api (BasePathMapping), but that is still a valid API (and is required if you have an EDGE domain name). The experience I landed on was to mostly make it transparent to users. When users create a DomainName, it will now create either a BasePathMapping or an ApiMapping depending on whether they provide a multi-level basePath. I did have to introduce a new `addApiMapping` method since `addBasePathMapping` has a return type of `BasePathMapping`. I also removed the validation that prevented users from adding additional basePaths if a (none) basePath was already created. It seems like that limitation was removed at some point and I have added an integration test to confirm. fixes #15904 ---- ### All Submissions: * [ ] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [ ] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/main/INTEGRATION_TESTS.md)? * [ ] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…user pools (#22444) Create the permission in the scope of the user pool instead of the lambda function. Integ tests contain destructive changes for the permissions because of the new logical IDs. This should not cause any downtime since the new permission is created first. Fixes #22315 ---- ### All Submissions: * [x] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [x] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/main/INTEGRATION_TESTS.md)? * [x] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
- [Amazon RDS for MariaDB supports new minor versions 10.5.17, 10.4.26, 10.3.36](https://aws.amazon.com/about-aws/whats-new/2022/09/amazon-rds-mariadb-new-minor-versions/) - [Amazon Aurora supports PostgreSQL 14.4 version](https://aws.amazon.com/about-aws/whats-new/2022/10/amazon-aurora-postgresql-14-4-version/) - [Amazon RDS for PostgreSQL supports new minor version 14.4](https://aws.amazon.com/about-aws/whats-new/2022/09/amazon-rds-postgresql-supports-new-minor-version-14-4/) - Updated the status of what was marked as deprecated in the future ---- ### All Submissions: * [x] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [ ] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/main/INTEGRATION_TESTS.md)? * [ ] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…22540) ---- ### All Submissions: * [ ] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [ ] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/main/INTEGRATION_TESTS.md)? * [ ] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…mespaces (#22092) ---- ### All Submissions: * [ ] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [ ] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/main/INTEGRATION_TESTS.md)? * [ ] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
fixes #17582 because the id of ".addPermission" is set to a fixed value of ″permission″, which means that only one can be set in the stack. 1. and add a unique suffix to the id. This will allow multiple custom rules to be handled in one stack. 2. Do the id check before addPermission. This will allow only one permission to be granted to a custom rule from the config service. Addendum:. I have created a hash from FunctionName, AccountID, and Region to make the suffix unique. Therefore, the omitted parts in the test code have been modified to fix the result. ---- ### All Submissions: * [x] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [ ] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/main/INTEGRATION_TESTS.md)? * [ ] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Currently, the `prlint` tool lists the files on a PR to enforce new integration tests are created for `feat` changes. The tool is not using pagination for list files and is using the default of `30` files per page. This means a PR could be incorrectly flagged for missing integration tests if the test files occur after the first 30 files in the PR. Example of this can be seen in #22455 This PR enables pagination on the `listFiles` call to ensure the validation rules are looking at all files in the PR, not just the first 30. ---- ### All Submissions: * [x] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [ ] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/main/INTEGRATION_TESTS.md)? * [ ] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…ll (#22512) This is another attempt at fixing #22012. #22398 intended to fix it, but the issue still occurs when building on arm64 machines with both `compatible_runtimes=[lambdas.Runtime.PYTHON_3_9]` and `compatible_architectures=[lambdas.Architecture.ARM_64]` The core problem is that the build leaves root-owned files under `/tmp/pip-cache`, which then cause permission problems when subsequent layers calling `pip install` are unable to create temporary directories. Example error: ``` WARNING: Building wheel for alembic-utils failed: [Errno 13] Permission denied: '/tmp/pip-cache/wheels/5c' ``` Expanding on the idea within #22398, this PR adds one more step to the chain of operations, removing any temporary files from the cache that are no longer needed (because the packages are now installed), and ensuring that subsequent layers are able to create temporary files inside the cache directories. Comparing the contents of the Docker image before and after this change... Before: ``` $ ls -aFl /tmp/*cache /tmp/pip-cache: total 16 drwxrwxrwx 4 root root 4096 Oct 15 00:57 ./ drwxrwxrwt 1 root root 4096 Oct 15 00:58 ../ drwxr-xr-x 18 root root 4096 Oct 15 00:57 http/ drwxr-xr-x 2 root root 4096 Oct 15 00:57 selfcheck/ /tmp/poetry-cache: total 8 drwxrwxrwx 2 root root 4096 Oct 15 00:57 ./ drwxrwxrwt 1 root root 4096 Oct 15 00:58 ../ ``` After: ``` $ ls -aFl /tmp/*cache /tmp/pip-cache: total 8 drwxrwxrwx 2 root root 4096 Oct 15 01:00 ./ drwxrwxrwt 1 root root 4096 Oct 15 01:00 ../ /tmp/poetry-cache: total 8 drwxrwxrwx 2 root root 4096 Oct 15 00:59 ./ drwxrwxrwt 1 root root 4096 Oct 15 01:00 ../ ``` ---- ### All Submissions: * [x] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [x] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/main/INTEGRATION_TESTS.md)? * [x] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Dashboards do not contain their region in the ARN, as shown in the Cloudwatch documentation [1]. Using ARNs with the region will cause operations like GetDashboard (used by, for example, the dashboard sharing mechanism) to fail with an AccessDenied. [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoncloudwatch.html#amazoncloudwatch-dashboard I ran into this while deploying resources to share a dashboard using a Cognito user pool. One of the permissions it requires is GetDashboard, and I kept receiving `AccessDenied`s when trying to open a shared dashboard link. I'm currently working around this by building the ARN myself, the same way it's built in this PR, by passing an empty `region` to the `formatArn` function ---- ### All Submissions: * [x] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [ ] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/main/INTEGRATION_TESTS.md)? * [ ] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Ran npm-check-updates and yarn upgrade to keep the `yarn.lock` file up-to-date.
… resources with colon (#22531) This PR adjusts the validation rules for path parts in resources created using the APIGateway library to allow the use of colons in pathParts, as requested in #22477. This enables the creation of resources with paths such as `events:batch` (from the reproduction steps in the related issue). An existing resource unit test (`'url for a resource'`) has been updated to ensure that a colon in a pathPart does not throw an error and properly reflects in the output of `RestApi.urlForPath`. The integration test `integ.restapi` has also been updated, wherein the `appliances` resource now has a path of `appliances:all` instead of `appliances`. If this is the wrong place to test the fix, I will gladly create a new resource to test on, or a new test altogether. Closes #22477. ---- ### All Submissions: * [x] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [x] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/main/INTEGRATION_TESTS.md)? * [x] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Dropping invalid HTTP headers is recommended and also appears in Security Hub controls as [ELB.4](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-standards-fsbp-controls.html#fsbp-elb-4) Attribute document: https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_LoadBalancerAttribute.html ---- ### All Submissions: * [x] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [ ] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/main/INTEGRATION_TESTS.md)? * [ ] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
… blcok. (#22532) From: https://docs.aws.amazon.com/firehose/latest/dev/controlling-access.html?using-iam-rs-vpc `108.136.221.64/27 for Asia Pacific (Jakarta)`
Added interface VPC endpoint for SES to InterfaceVpcEndpointAwsService to make it easier to implement ones SES VPC endpoint: https://docs.aws.amazon.com/ses/latest/dg/send-email-set-up-vpc-endpoints.html ---- ### All Submissions: * [x] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [ ] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/main/INTEGRATION_TESTS.md)? * [ ] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Fixes the issue #22344 I reworked the approach of calling `exec` by splitting each command in hook to the command itself and it's arguments. All hooks were affected: preDeploy, postDeploy, preDestroy, postDestroy. ---- ### All Submissions: * [x] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…n using importing (#22554) Closes #22546. Verified via TDD with new unit test. Before the change, the unit test failed, replicating the bug in the issue with output: ```plain FAIL test/profiling-group.test.js profiling group ✓ attach read permission to Profiling group via fromProfilingGroupArn (71 ms) ✓ attach publish permission to Profiling group via fromProfilingGroupName (27 ms) ✕ use name specified via fromProfilingGroupName (8 ms) ✓ default profiling group (21 ms) ✓ allows setting its ComputePlatform (14 ms) ✓ default profiling group without name (13 ms) ✓ default profiling group without name when name exceeding limit is generated (18 ms) ✓ grant publish permissions profiling group (25 ms) ✓ grant read permissions profiling group (25 ms) ● profiling group › use specified via name via fromProfilingGroupName expect(received).toEqual(expected) // deep equality Expected: "MyAwesomeProfilingGroup" Received: "profilingGroup" 174 | 175 | const profilingGroup = ProfilingGroup.fromProfilingGroupName(stack, 'MyProfilingGroup', 'MyAwesomeProfilingGroup'); > 176 | expect(profilingGroup.profilingGroupName).toEqual('MyAwesomeProfilingGroup'); | ^ 177 | }); 178 | 179 | test('default profiling group', () => { at Object.<anonymous> (test/profiling-group.test.ts:176:47) ``` ---- ### All Submissions: * [Yes] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [No] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [N/A] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/main/INTEGRATION_TESTS.md)? * [ ] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…2339) closes #22323 To avoid unhandled rejections, we run promises just before we call `Promise.all`. The concern of this fix is that hotswap process may take longer time because now async tasks run lazily. However I don't think it will be a big problem since those tasks are not I/O bound, so most of them are already running sequentially, not in parallel. ---- ### All Submissions: * [X] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [ ] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/main/INTEGRATION_TESTS.md)? * [ ] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Change all `deploymentConfig` static method implementations on `EcsDeploymentConfig`, `LambdaDeploymentConfig`, and `ServerDeploymentConfig` to return their corresponding specific interfaces instead of `IBaseDeploymentConfig`. This reverts breaking changes to Java users introduced in #22159 Fixes #22566 ---- ### All Submissions: * [x] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [ ] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/main/INTEGRATION_TESTS.md)? * [ ] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
aws-cdk-automation
added
auto-approve
pr/no-squash
|
|
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
|
Thank you for contributing! Your pull request will be automatically updated and merged without squashing (do not update manually, and be sure to allow changes to be pushed to your fork). |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
See CHANGELOG