v2.122.0

Features

• CodePipelineActions: Add support for custom events in CodeCommit source action (#28008) (c3802c4), closes #12045
• ec2: add dual stack vpc support (#28480) (caf83f1), closes #894
• ecs: L2 for ebs task attach (#28691) (fc0a89a)
• ecs: support for capacity provider managed instance draining (#28672) (aaa2a09)
• efs: One-Zone filesystem (#28501) (c0085d5), closes /github.com/aws/aws-cdk/issues/15864#issuecomment-895483167 #15864
• efs: transition to archive for FileSystem (#28719) (03c08b0), closes #28720
• elbv2: Implement IConnectable to NLB (#28494) (1e69cc6), closes #26735
• firehose-destinations-alpha: support zero buffering (#28716) (db2e78e), closes #28714
• lambda: deprecate logRetention properties in favor of logGroup (#28737) (4a09720)
• rds: Add log group property to RDS instance and RDS cluster (#28676) (9aa7281)
• route53: weighted routing (#28705) (4a0c24d), closes #26753
• update L1 CloudFormation resource definitions (#28677) (b2c60cb), closes /docs.aws.amazon.com/transfer/latest/userguide/create-b2b-server.html#configure-as2
• update L1 CloudFormation resource definitions (#28684) (cbe2378), closes /docs.aws.amazon.com/kendra/latest/dg/ds-schemas.html#ds-s3

Bug Fixes

• cli: program execution fails without debug information (#28687) (8fbd385)
• cli: running the cli with --debug does not print stack traces (#28669) (dd04725)
• cloudformation-diff: Fix aws-sdk dependency issue (#28680) (109b2ab), closes #28679
• ec2: max iops value for io2 EBS volume is wrong (#28695) (a30a205), closes /docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-volume.html#cfn-ec2
• ecs: EC2 metadata access is blocked when using EC2 capacity provider for autoscaling (#28437) (30a0d33), closes /github.com/aws/aws-cdk/blame/2d9de189e583186f2b77386ae4fcfff42c864568/packages/aws-cdk-lib/aws-ecs/lib/cluster.ts#L502-L504 #28270 #28270
• lambda: circular dependencies when EFS and Lambda are deployed in separate stacks (#28560) (6e9045f), closes /github.com/aws/aws-cdk/blob/dde59755cb71aee73a58f3b2c2068f2ae01e9b72/packages/aws-cdk-lib/aws-lambda/lib/function.ts#L1416 /github.com/aws/aws-cdk/blob/dde59755cb71aee73a58f3b2c2068f2ae01e9b72/packages/aws-cdk-lib/aws-ec2/lib/connections.ts#L157 /github.com/aws/aws-cdk/blob/dde59755cb71aee73a58f3b2c2068f2ae01e9b72/packages/aws-cdk-lib/aws-ec2/lib/security-group.ts#L84 /github.com/aws/aws-cdk/blob/dde59755cb71aee73a58f3b2c2068f2ae01e9b72/packages/aws-cdk-lib/aws-ec2/lib/connections.ts#L139 /github.com/aws/aws-cdk/blob/dde59755cb71aee73a58f3b2c2068f2ae01e9b72/packages/aws-cdk-lib/aws-ec2/lib/connections.ts#L141 #18759
• opensearchservice: OpenSearchAccessPolicy unnecessarily attempts to install latest sdk version (#28688) (d07deec)
• rds: RDS Parameter Group doesn't support custom removal policy (#28660) (617a595)

Reverts

• allowing log group config for SFN CR (#28699) (8a67f39), closes #27310

---

Alpha modules (2.122.0-alpha.0)

⚠ BREAKING CHANGES TO EXPERIMENTAL FEATURES

• appconfig: deploymentStrategyId prop in fromDeploymentStrategyId now takes a DeploymentStrategyId rather than a string. To import a predefined deployment strategy id, use DeploymentStrategyId.CANARY_10_PERCENT_20_MINUTES. Otherwise, use DeploymentStrategyId.fromString('abc123').
• appconfig: ApplicationProps.name renamed to ApplicationProps.applicationName
  • appconfig: EnvironmentProps.name renamed to EnvironmentProps.environmentName
  • appconfig: DeploymentStrategyProps.name renamed to DeploymentStrategyProps.deploymentStrategyName
  • appconfig: ExtensionProps.name renamed to ExtensionProps.extensionName

Bug Fixes

• amplify: addBranch fails synth with "cannot find entry file..." (#28658) (0f2b8f8), closes #27955 #28633 #28089
• appconfig: fromDeploymentStrategyId takes an enum-like class rather than a string (#28743) (2b59ed1), closes #28671
• appconfig: prefix names with resource name (#28742) (3960720), closes #28671

v2.121.1

Reverts

• allowing log group config for SFN CR (#28699) (f3f217e), closes #27310

---

Alpha modules (2.121.1-alpha.0)

v2.121.0

Features

• ec2: add dual stack vpc support (#28480) (754fd99), closes #894

---

Alpha modules (2.121.0-alpha.0)

v2.120.0

Features

• ecs: support for capacity provider managed instance draining (#28672) (cf97f47)

---

Alpha modules (2.120.0-alpha.0)

v2.119.0

Features

• certificatemanager: key algorithm support for PrivateCertificate and Certificate (#28597) (1822cc9), closes #22887
• cli: option to ignore no stacks (#28387) (37c79b9), closes #28371
• cloudwatch-actions: support alarm lambda action (#28484) (b9f4923), closes #28483
• codebuild: X-Large Linux compute type (#28642) (7912d88)
• opensearchservice: TLS security policy for TLS 1.3 and perfect forward secrecy (#28583) (9cf9baa)
• pipelines: expose crossRegionReplicationBuckets (#28447) (d184ac2), closes #28446
• rds: RDS for SQL Server 15.00.4345.5.v1 (#28614) (0f38b6e)
• rds: RDS for SQL Server 16 without a specific minor version (#28615) (382d261)
• signer: Notation-OCI-SHA384-ECDSA platform (#28612) (d7aa196), closes #28580
• update L1 CloudFormation resource definitions (#28613) (fdf4830)

Bug Fixes

• cli: cdk diff falsely reports resource replacements on trivial template changes (#28336) (10ed194)
• core: single-file bundling breaks due to left over temp dir (#28566) (a74aacf)
• ec2: passing keypair to instance unexpectedly does nothing (#28482) (22e6ce8), closes #28478
• ecs: unnecessary CloudWatch logs ResourcePolicy (#28495) (5f96d13), #22307 #20313
• stepfunctions: retry block in CustomState is always empty (#28598) (0042e53), closes #28586

---

Alpha modules (2.119.0-alpha.0)

Features

• neptune-alpha: engineVersion v1.3 (#28647) (957598b), closes #28648

v2.118.0

Features

• appsync: IntrospectionConfig property (#28500) (98ed6b3), closes #28429
• autoscaling: add support for InstanceRequirements property (#28464) (276e3a6), closes #28393
• cloudfront: CloudFront Function runtime property (#28099) (9b466ae), closes #28163
• cloudfront: Key Value Store L2 (#28473) (030db42), closes #28377
• codepipeline-actions: more convenient methods to CacheControl (#28491) (a59dc0c), closes #25477
• ecs: interactive option in ContainerDefinitionOptions (#28536) (1f9788f), closes #24326
• ecs: enable cluster to grant task protection API permissions to IAM entities (#28486) (9bc972b), closes #26233
• ecs: nvidia support to BottlerocketEcsVariant enum for gpu-accelerated tasks (#28488) (832e29a), closes #25980
• iam: validate roleName (#28509) (999c01a), closes #28502
• opensearchservice: ip address type for domain (#28497) (6b80338), closes #28436
• rds: timeout and timeoutAction properties to ServerlessCluster (#28534) (508825b), closes #27183
• rds: ClientPasswordAuthType property on DatabaseProxy (#28540) (669e6ff), closes #28415
• rds: new Aurora Postgres engine versions (#28508) (9d8b06f)
• stepfunctions-tasks: add timeout parameter for EmrCreateCluster (#28532) (ca91626), closes /github.com/aws/aws-cdk/pull/28529#discussion_r1438587964
• stepfunctions-tasks: add validations for EmrCreateCluster (#28529) (e0b725c)
• stepfunctions-tasks: additional allocation strategies for spot instance fleets in EmrCreateCluster (#28525) (94003ec)

Bug Fixes

• cli: direct deploy method fails when there are no updates (#28523) (dde5975), closes /github.com/aws/aws-cdk/blob/9d8b06f6478a98e01e3aaa86c1dbf22d6e861f05/packages/aws-cdk/lib/api/util/cloudformation.ts#L290-L296
• events: event bus fails with duplicate policy resource (#28521) (166967f), closes #27340 #28520
• iam: withConditions overrides Principal actions (#28510) (0b345c5), closes #28426
• rds: circular dependencies when creating multiple DatabaseProxies (#28471) (a12d9eb), closes /github.com/aws/aws-cdk/blob/cd54c4239ec29182e30fd91634505df560d6e5f8/packages/aws-cdk-lib/aws-rds/lib/cluster.ts#L446 #25633

---

Alpha modules (2.118.0-alpha.0)

Features

• glue: database description property (#27744) (cbac240), closes #27740
• glue-alpha: add cfn-glue-table-tableinput-parameters to Glue table construct (#27643) (8e15482)

Bug Fixes

• lambda-go: path with space breaks go build (#28554) (a8a639e), closes #28555

v2.117.0

Features

• update L1 CloudFormation resource definitions (#28489) (607dccb), closes /docs.aws.amazon.com/datasync/latest/userguide/working-with-locations.html#create-s3
• api-gateway-v2: Add method to generate flexible execute-api ARN (#28400) (0932027), closes #23301
• autoscaling: instance maintenance policy for AutoScalingGroup (#28092) (5eb2c26), closes #28042
• codebuild: Lambda compute for codebuild projects (#27934) (a4a4c6f), closes #28418
• core: option to disable cache for docker build (#27944) (84d81b6), closes #27916
• ec2: trn1 instance type (#28477) (ed02d5c)
• ecs: Implement method in ECS cluster to retrieve task ARN (#28381) (7635bbc), closes #26232
• ecs-patterns: support disabling CPU-based scaling and custom target utilization (#28315) (3cb3e02), closes #20706 #20706
• elasticloadbalancingv2: dualstack NetworkLoadBalancer (#27546) (e03a41f), closes /docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#cfn-elasticloadbalancingv2 #27538
• elasticloadbalancingv2: FIPS compliant SSL policy to ALB (#28479) (7bb72e1), closes #28455
• globalaccelerator: add support for ip addresses and type (#28055) (943abe8), closes #28051 #28209
• ses: synth-time naming validation for dedicatedIpPoolName (#28466) (be6ddb8), closes #28451

Bug Fixes

• core: core constructs fail with Error: Cannot find module '../dist/core/<file>.generated' (#28467) (cd54c42), closes #28251 #28465
• ecs-patterns: ApplicationMultipleTargetGroupsEc2Service ignores load balancer name (#28394) (9c0fecf), closes #23535

---

Alpha modules (2.117.0-alpha.0)

Bug Fixes

• lambda-python-alpha: bundling hash logic includes auth tokens in PIP urls, causing an unnecessary rebuild (#27903) (00331a7), closes #27331
• lambda-python-alpha: use function architecture (#18696) (#28449) (c724d27)

v2.116.1

Bug Fixes

• core: core constructs fail with Error: Cannot find module '../dist/core/<file>.generated' (#28467) (e8be128), closes #28251 #28465

---

Alpha modules (2.116.1-alpha.0)

v2.116.0

Features

• apigateway: validate integrationHttpMethod with non-MOCK integration types (#28316) (93cb6e4)
• ec2: support creating key pairs (#28138) (6b3caff), closes #5252
• ecr: Add emptyOnDelete CloudFormation property to Repository L2 construct (#28233) (a175da8), closes #24572 #28196
• ecr: tag pattern list for lifecycle policy (#28432) (aa075cd)
• ecs: log retention for FireLensLogDriver (#28354) (52a5579), closes /github.com/aws/aws-cdk/blob/db22b85c9b2a853aa2f830c182a340f0bcf95d1a/packages/aws-cdk-lib/aws-ecs/lib/base/task-definition.ts#L816 /github.com/aws/aws-cdk/blob/db22b85c9b2a853aa2f830c182a340f0bcf95d1a/packages/aws-cdk-lib/aws-ecs/lib/firelens-log-router.ts#L170 #28258
• ecs: Support specifying revision of task definition (#27036) (de0d77b), closes #26983
• events: add multiple event bus policies on a single event bus (#27340) (4dde502), closes #24671
• rds: support aurora mysql 3.05.1 (#28370) (986db38)
• ses: add scalingMode property to dedicated ip pool (#28392) (c687778), closes #27418
• sns: delivery status logging configuration (#28433) (36bb696), closes #21971
• stepfunctions: CustomState addCatch (#28422) (cf923bc), closes #25798
• stepfunctions: support Map ItemProcessor (#27913) (ac41730), closes #27878
• stepfunctions-tasks: EMR createCluster command support OnDemandSpecification (#27791) (73a5e74), closes #27761
• implement code generated handler framework (#28251) (1a9c30e), closes #27303
• update AWS Service Spec (#28407) (fcb701c)

Bug Fixes

• core: messages from annotations.ts can show up as [object Object] (#28414) (3e6f10d)
• custom-resources: cannot set logging for state machine generated in CompleteHandler (#27310) (bfeef00), closes #27283
• ecs-patterns: taskDefinition ignored by queueProcessingFargateService (#28220) (5d6b8ee), closes #27360
• eks: neuron plugin not added with addNodegroupCapacity() (#27909) (b87212b)
• events-targets: imported sqs queue cannot be used as a rule dlq (#28165) (#28285) (588b106)
• iam: importedRoleStackSafeDefaultPolicyName feature flag results in excessively long IAM policy names (#27548) (4f88db6), closes #27409 #24441
• logs: adding a resource policy statement with AnyPrincipal fails (#27787) (0b2ba1c), closes #27783
• s3-notifications: multiple notifications doesn't work (#28132) (37be7b9)
• secretsmanager: cannot set hourly rotation (#28303) (09cb003), closes #28261
• secretsmanager: hosted rotation with fromSecretNameV2() does not create correct iam policy (#28379) (4ab5bb2), closes #28308

---

Alpha modules (2.116.0-alpha.0)

Features

• scheduler: flexible time windows (#28098) (6554e48)
• scheduler-targets: add CodePipeline as target for scheduler (#27799) (8c44f32), closes #27449

Bug Fixes

• integ-tests: apply correct IAM policy to waiterProvider (#28424) (c488035), closes 40aws-cdk/integ-tests-alpha/lib/assertions/sdk.ts#L136 40aws-cdk/integ-tests-alpha/lib/assertions/sdk.ts#L247 #27865
• lambda-python-alpha: pipenv lock -r is no longer supported (#28317) (f85f486), closes #28015 /github.com/pypa/pipenv/blob/main/CHANGELOG.md#2022813-2022-08-13 #28015

v2.115.0

Features

• eks: support Bottlerocket Nvidia AMIs (#28287) (6aa1b1b), closes #28241
• rds: support RDS for MariaDB 10.11.6, 10.6.16, 10.5.23 and 10.4.32 (#28345) (0347a19)
• rds: support RDS for SQL Server 16.00.4095.4.v1 (#28274) (7a22501)
• stepfunctions-tasks: runtime role in EmrAddStep (#27736) (314fbfa), closes #27691
• stepfunctions-tasks: support for the Step Functions optimized integration for Bedrock InvokeModel API (#28276) (f3dafa4)
• update AWS Service Spec (#28328) (15c7bb2)
• ROADMAP: updates to public roadmap 🚀 (#28302) (fe30921)

Bug Fixes

• rds: publiclyAccessible=false set on an instance is ignored when cluster is placed in a public subnet (#28038) (569593c), closes #28037 #28037
• route53: delete old NS records on cross-account delegation renaming (#21249) (#27523) (448e2bd), closes #25285
• stepfunctions-tasks: missing tags & perms for emr cluster creation (#28327) (14e5e50)
• stepfunctions-tasks: state machine role is missing sagemaker:AddTags permission for SageMakerCreateTransformJob task (#27264) (8ce0283), closes #26012

---

Alpha modules (2.115.0-alpha.0)

⚠ BREAKING CHANGES TO EXPERIMENTAL FEATURES

• scheduler: The typos in the Schedule and Group construct method names have been fixed, changing metricSentToDLQTrunacted to metricSentToDLQTruncated and metricAllSentToDLQTrunacted to metricAllSentToDLQTruncated.
• redshift: Further updates of the Redshift table will fail for existing tables, if the table name is changed. Therefore, changing the table name for existing Redshift tables have been disabled.

Features

• appconfig-alpha: add deploy method to configuration constructs (#28269) (c723ef9)
• cloud9-alpha: support image ids for Amazon Linux 2023 and Ubuntu 22.04 (#28346) (93681e0), closes /docs.aws.amazon.com/ja_jp/AWSCloudFormation/latest/UserGuide/aws-resource-cloud9-environmentec2.html#cfn-cloud9-environmentec2
• scheduler: start and end time for schedule construct (#28306) (0b4ab1d), closes /github.com/aws/aws-cdk/pull/26819#discussion_r1301532299

Bug Fixes

• appconfig-alpha: extensions always create cdk diff (#28264) (2075559), closes #27676
• redshift: tables were dropped on table name change (#24308) (7ac237b), closes #24246
• scheduler: typo in metricSentToDLQ... methods (#28307) (8b91e10)