chore(release): 2.131.0 #29339

See [CHANGELOG](https://github.com/aws/aws-cdk/blob/merge-back/2.130.0/CHANGELOG.md)

…alue` methods (#29150) ### Issue # (if applicable) Closes #29092. ### Reason for this change To be able to set the description of the `CfnOutput` created when using `exportValue` and `exportStringListValue`. ### Description of changes Add property `description` to `ExportValueOptions` interface. ### Description of how you validated changes Both unit and integ tests ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

### Issue # (if applicable) Closes #29185 ### Reason for this change CFN applies the SAM transform before the changeset is created. This means that SAM resources become their underlying CFN types in the template that the changeset operates on. This means that the changeset is operating on resources that we don't see in our template. ### Description of changes Before, if we saw properties in our diff that were not in the changeset (like `codeUri` for `Serverless::Function`, which doesn't appear in the changeset, because it becomes `Code` for `Lambda::Function`), we'd filter them out of the diff. We now skip this process for SAM resources. ### Description of how you validated changes unit test ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

…28989) ### Issue # (if applicable) Closes #28862 ### Reason for this change CFN resources that has array format `tags` cannot use `Tags.of()` to add tags. ### Description of changes Enable modern style tags `ITaggableV2` ### Description of how you validated changes The generated looks correct and shouldn't cause breaking changes. *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

Closes #29222. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

### Reason for this change AppSync now supports environment variables in GraphQL resolvers and functions. It would be good for `GraphqlApi` construct to have the property. - https://aws.amazon.com/jp/about-aws/whats-new/2024/02/aws-appsync-environment-variables-graph-ql-resolvers-functions/ - https://docs.aws.amazon.com/en_en/appsync/latest/devguide/environmental-variables.html - https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-appsync-graphqlapi.html#cfn-appsync-graphqlapi-environmentvariables ### Description of changes The `environmentVariables` property is added to `GraphqlApi` construct. To add environment variables after the initiation, we can use `addEnvironmentVariables` method. ### Description of how you validated changes Both unit and integ tests. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

…ped (#28826) It looks like in our custom resource response senders, we are not checking the HTTP result code of making the `PUT` request to the presigned URL. This allows for the possibility that we don't detect that we got a 500, exit successfully, and drop the response on the floor. Also log the URL we're writing to so that it becomes easier to debug missing object PUTs. (Yes, I am aware that there is awkward duplication going on here. I'm trying to get this out quickly, and doing a full refactor will take me time that I don't have to spend on this) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

Updates the L1 CloudFormation resource definitions with the latest changes from `@aws-cdk/aws-service-spec` **L1 CloudFormation resource definition changes:** ``` ├[~] service aws-applicationinsights │ └ resources │ └[~] resource AWS::ApplicationInsights::Application │ └ properties │ └[+] AttachMissingPermission: boolean ├[~] service aws-controltower │ └ resources │ └[~] resource AWS::ControlTower::EnabledControl │ └ properties │ └ Tags: (documentation changed) ├[~] service aws-customerprofiles │ └ resources │ ├[~] resource AWS::CustomerProfiles::Domain │ │ └ properties │ │ └ DefaultExpirationDays: - integer │ │ + integer (required) │ └[~] resource AWS::CustomerProfiles::ObjectType │ └ properties │ ├ Description: - string │ │ + string (required) │ └ ObjectTypeName: - string (immutable) │ + string (required, immutable) ├[~] service aws-ec2 │ └ resources │ ├[~] resource AWS::EC2::EC2Fleet │ │ └ types │ │ └[~] type InstanceRequirementsRequest │ │ └ properties │ │ └ MaxSpotPriceAsPercentageOfOptimalOnDemandPrice: (documentation changed) │ └[~] resource AWS::EC2::SpotFleet │ └ types │ └[~] type InstanceRequirementsRequest │ └ properties │ └ MaxSpotPriceAsPercentageOfOptimalOnDemandPrice: (documentation changed) ├[~] service aws-glue │ └ resources │ └[~] resource AWS::Glue::DataCatalogEncryptionSettings │ └ types │ └[~] type EncryptionAtRest │ └ properties │ └ CatalogEncryptionServiceRole: (documentation changed) ├[~] service aws-lambda │ └ resources │ └[~] resource AWS::Lambda::Function │ └ attributes │ ├ SnapStartResponse: (documentation changed) │ ├ SnapStartResponse.ApplyOn: (documentation changed) │ └ SnapStartResponse.OptimizationStatus: (documentation changed) ├[~] service aws-quicksight │ └ resources │ └[~] resource AWS::QuickSight::Dashboard │ └ properties │ └[+] LinkEntities: Array<string> └[~] service aws-sagemaker └ resources └[~] resource AWS::SageMaker::FeatureGroup └ types ├[~] type OnlineStoreConfig │ └ properties │ └ TtlDuration: (documentation changed) └[~] type TtlDuration ├ - documentation: TTL configuration of the feature group │ + documentation: Time to live duration, where the record is hard deleted after the expiration time is reached; `ExpiresAt` = `EventTime` + `TtlDuration` . For information on HardDelete, see the [DeleteRecord](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_feature_store_DeleteRecord.html) API in the Amazon SageMaker API Reference guide. └ properties ├ Unit: (documentation changed) └ Value: (documentation changed) ```

… machine execution (#29267) ### Issue # (if applicable) Closes #29261 ### Reason for this change Enable proper escaping of curly braces in Step Functions intrinsic functions. The user needs to be able to explicitly escape curly braces to distinguish them from curly braces used for intrinsic function arguments (`\{\}` vs `{}`. Currently, the escaping logic double-escapes an already-escaped curly brace. The state machine successfully deploys, but then fails to execute. ### Description of changes When a backslash immediately precedes a curly brace, it will not be escaped. ### Description of how you validated changes Added a case to an existing integration test, and updated the integ test to execute the deployed state machine to check for runtime errors. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

Closes gh-29254. ### Issue # (if applicable) Closes #29254. ### Reason for this change This fixes minor grammar issues in docs. ### Description of changes I made no functional code changes, only changes to docs via comments. I made no design decisions. ### Description of how you validated changes Doc changes only. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

Bumps [es5-ext](https://github.com/medikoo/es5-ext) from 0.10.62 to 0.10.63. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/medikoo/es5-ext/releases">es5-ext's releases</a>.</em></p> <blockquote> <h2>0.10.63 (2024-02-23)</h2> <h3>Bug Fixes</h3> <ul> <li>Do not rely on problematic regex (<a href="https://github.com/medikoo/es5-ext/commit/3551cdd7b2db08b1632841f819d008757d28e8e2">3551cdd</a>), addresses <a href="https://redirect.github.com/medikoo/es5-ext/issues/201">#201</a></li> <li>Support ES2015+ function definitions in <code>function#toStringTokens()</code> (<a href="https://github.com/medikoo/es5-ext/commit/a52e95736690ad1d465ebcd9791d54570e294602">a52e957</a>), addresses <a href="https://redirect.github.com/medikoo/es5-ext/issues/021">#021</a></li> <li>Ensure postinstall script does not crash on Windows, fixes <a href="https://redirect.github.com/medikoo/es5-ext/issues/181">#181</a> (<a href="https://github.com/medikoo/es5-ext/commit/bf8ed799d57df53096da9d908ff577f305e1366f">bf8ed79</a>)</li> </ul> <h3>Maintenance Improvements</h3> <ul> <li>Simplify the manifest message (<a href="https://github.com/medikoo/es5-ext/commit/7855319f41b9736639cf4555bd2c419f17addf55">7855319</a>)</li> </ul> <hr /> <p><a href="https://github.com/medikoo/es5-ext/compare/v0.10.62...v0.10.63">Comparison since last release</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/medikoo/es5-ext/blob/main/CHANGELOG.md">es5-ext's changelog</a>.</em></p> <blockquote> <h3><a href="https://github.com/medikoo/es5-ext/compare/v0.10.62...v0.10.63">0.10.63</a> (2024-02-23)</h3> <h3>Bug Fixes</h3> <ul> <li>Do not rely on problematic regex (<a href="https://github.com/medikoo/es5-ext/commit/3551cdd7b2db08b1632841f819d008757d28e8e2">3551cdd</a>), addresses <a href="https://redirect.github.com/medikoo/es5-ext/issues/201">#201</a></li> <li>Support ES2015+ function definitions in <code>function#toStringTokens()</code> (<a href="https://github.com/medikoo/es5-ext/commit/a52e95736690ad1d465ebcd9791d54570e294602">a52e957</a>), addresses <a href="https://redirect.github.com/medikoo/es5-ext/issues/021">#021</a></li> <li>Ensure postinstall script does not crash on Windows, fixes <a href="https://redirect.github.com/medikoo/es5-ext/issues/181">#181</a> (<a href="https://github.com/medikoo/es5-ext/commit/bf8ed799d57df53096da9d908ff577f305e1366f">bf8ed79</a>)</li> </ul> <h3>Maintenance Improvements</h3> <ul> <li>Simplify the manifest message (<a href="https://github.com/medikoo/es5-ext/commit/7855319f41b9736639cf4555bd2c419f17addf55">7855319</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/medikoo/es5-ext/commit/de4e03c4776a303284142f73f3f181a070615817"><code>de4e03c</code></a> chore: Release v0.10.63</li> <li><a href="https://github.com/medikoo/es5-ext/commit/3fd53b755ec883be8f119c747f0b04130741e456"><code>3fd53b7</code></a> chore: Upgrade<code> lint-staged</code> to v13</li> <li><a href="https://github.com/medikoo/es5-ext/commit/bf8ed799d57df53096da9d908ff577f305e1366f"><code>bf8ed79</code></a> chore: Ensure postinstall script does not crash on Windows</li> <li><a href="https://github.com/medikoo/es5-ext/commit/2cbbb0717bd8de6e38fcba1f0d45bc876e7a1951"><code>2cbbb07</code></a> chore: Bump dependencies</li> <li><a href="https://github.com/medikoo/es5-ext/commit/22d0416ea170000a115609f22a560dfa9193ebb0"><code>22d0416</code></a> chore: Bump LICENSE year</li> <li><a href="https://github.com/medikoo/es5-ext/commit/a52e95736690ad1d465ebcd9791d54570e294602"><code>a52e957</code></a> fix: Support ES2015+ function definitions in <code>function#toStringTokens()</code></li> <li><a href="https://github.com/medikoo/es5-ext/commit/3551cdd7b2db08b1632841f819d008757d28e8e2"><code>3551cdd</code></a> fix: Do not rely on problematic regex</li> <li><a href="https://github.com/medikoo/es5-ext/commit/7855319f41b9736639cf4555bd2c419f17addf55"><code>7855319</code></a> chore: Simplify the manifest message</li> <li>See full diff in <a href="https://github.com/medikoo/es5-ext/compare/v0.10.62...v0.10.63">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=es5-ext&package-manager=npm_and_yarn&previous-version=0.10.62&new-version=0.10.63)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/aws/aws-cdk/network/alerts). </details>

### Issue # (if applicable) As described in #29282 , when renaming the cluster, an additional temporary IAM policy will be required. I am proposing the doc update to clarify this with this PR. Closes #29282 #24174 ### Reason for this change To address this use case. ### Description of changes ### Description of how you validated changes ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

### Issue Closes #28904. ### Reason for this change It is not possible to create an integration between Step Functions and HTTP API. ### Description of changes You can create integration by `HttpStepFunctionsIntegration` class: ```ts declare const httpApi: apigwv2.HttpApi; declare const stateMachine: sfn.StateMachine; const integration = new HttpStepFunctionIntegration('StepFunctionIntegration', { stateMachine, }) httpApi.addRoutes({ path: '/jobs', methods: [apigwv2.HttpMethod.POST], integration, }); ``` ### Description of how you validated changes Added unit tests and integ test. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

…29086) ### Issue Closes #23031. ### Reason for this change The `grantXx` methods are implemented in the `GraphqlApi` class, but it could not be used with an imported graphql api. ### Description of changes Moved the implementation of the `grantXx` method from the `GraphqlApi` class to the `GraphqlApiBase` class." ### Description of how you validated changes I've added both unit and integ tests. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

### Reason for this change Step Scaling without `adjustmentType` fails with CFn error `You must specify an AdjustmentType for policy type: StepScaling`. - Reproduction code ```ts const asg = new autoscaling.AutoScalingGroup(stack, 'ASG', { vpc, instanceType: ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE2, ec2.InstanceSize.MICRO), machineImage: new ec2.AmazonLinuxImage({ generation: ec2.AmazonLinuxGeneration.AMAZON_LINUX_2 }), }); asg.scaleOnMetric('StepScaling', { metric: new cloudwatch.Metric({ namespace: 'AWS/EC2', metricName: 'CPUUtilization', dimensionsMap: { AutoScalingGroupName: asg.autoScalingGroupName } }), scalingSteps: [ { upper: 10, change: -1 }, { lower: 50, change: +1 }, { lower: 90, change: +2 }, ], evaluationPeriods: 10, datapointsToAlarm: 5, metricAggregationType: autoscaling.MetricAggregationType.MAXIMUM, // adjustmentType: autoscaling.AdjustmentType.CHANGE_IN_CAPACITY, }); ``` ### Description of changes According to [the CDK code](https://github.com/aws/aws-cdk/blob/v2.122.0/packages/aws-cdk-lib/aws-autoscaling/lib/step-scaling-policy.ts#L105-L115), `CHANGE_IN_CAPACITY` will be used if `adjustmentType` is not specified in the prop. But the variable is not passed into `StepScalingAction` construct (instead `props.adjustmentType` is passed as is). [The documentation](https://github.com/aws/aws-cdk/blob/v2.122.0/packages/aws-cdk-lib/aws-autoscaling/lib/step-scaling-policy.ts#L26) also says that the default value is `CHANGE_IN_CAPACITY`. So we should use `adjustmentType` instead of `props.adjustmentType`. ```ts const adjustmentType = props.adjustmentType || AdjustmentType.CHANGE_IN_CAPACITY; const changesAreAbsolute = adjustmentType === AdjustmentType.EXACT_CAPACITY; // ... // ... this.lowerAction = new StepScalingAction(this, 'LowerPolicy', { // adjustmentType: props.adjustmentType, adjustmentType, ``` **The fact that the error occurs if `props.adjustmentType` is not specified means that the user's successful existing stack always specifies `props.adjustmentType`. In other words, no change to the existing resource will occur due to this change, so there is no need for a feature flag.** ### Description of how you validated changes ~~Unit tests without integ tests, because this PR could cover this bug by unit tests.~~ Both unit and integ tests. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

I have not tested any of the actions in the new source because all I have done are move the actions over to a different repository. I will monitor the actions for any failures and deal with them on the fly. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

…ster` (#29244) This PR adds an `autoscalingGroup` attribute to `ImportedCluster`. This attribute is set using the `autoscalingGroup` property from `ClusterAttributes` in the constructor of `ImportedCluster`. Closes #29241. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

### Issue # (if applicable) NA ### Reason for this change adding abstraction team new members to mergify and merit badger ### Description of changes adding abstraction team new members to mergify and merit badger ### Description of how you validated changes NA ### Checklist - [ ] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

…ime (#29305) Fix for failing CLI integ canary ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

…s to bucket (#29242) ### Issue #22267 (if applicable) Closes #22267. ### Reason for this change Setting the `isOrganizationTrail` property to `true` attaches insufficient permissions to the bucket thus failing to deploy the `Trail` with: ``` Invalid request provided: Incorrect S3 bucket policy is detected for bucket: ... ``` ### Description of changes This PR adds a new property `orgId` to `TrailProps` that will be used to attach the [missing permission](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/create-s3-bucket-policy-for-cloudtrail.html#org-trail-bucket-policy) ``` "Action": "s3:PutObject", "Resource": "arn:aws:s3:::myOrganizationBucket/AWSLogs/o-organizationID/*", "Condition": { "StringEquals": { "s3:x-amz-acl": "bucket-owner-full-control", "aws:SourceArn": "arn:aws:cloudtrail:region:managementAccountID:trail/trailName" } ``` when `isOrganizationTrail: true`. ### Description of how you validated changes Validated locally that I can deploy when `Trail.isOrganizationTrail: true` with a valid `orgId` + added unit test case. I can't think of a way to test this with an integ test as it requires a valid `orgId` to deploy but any suggestions are welcome. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

Adds support for `removalPolicy: RemovalPolicy.SNAPSHOT` for DocumentDB clusters as specified in the [documentation](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html). To allow users to specify custom policies for the cluster's instances and security group the following properties have been added: * `instanceRemovalPolicy` * `securityGroupRemovalPolicy` Closes #28773. Closes #28861 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

Follow up to #29305 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

…ts (#29287) ### Issue # (if applicable) Closes #<issue number here>. ### Reason for this change When creating an EventPattern for a custom event, a few properties are required. Documentation currently isn't clear on which properties are required. This change links to AWS documentation that describes the required properties for custom events. ### Description of changes Added text stating that some optional properties are required for custom events and provided link to docs. ### Description of how you validated changes No validation ### Checklist - [ ] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

### Issue # (if applicable) ### Reason for this change This is to bring parity with #10741, we need the cluster arn to enable data api manually waiting for #28574. ### Description of changes This adds a clusterArn property to IDatabaseCluster ### Description of how you validated changes The changes have been validated through a unit test ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

Follow-up to #29313 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

…stances (#28728) In this PR, I have enabled the setting of the [credit configuration mode](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-credits-baseline-concepts.html#key-concepts) for EC2 instances and NAT instances in burstable performance instances. ```ts // for EC2 instance new Instance(stack, 'Instance', { vpc, machineImage: new AmazonLinuxImage(), instanceType: InstanceType.of(InstanceClass.T3, InstanceSize.LARGE), creditSpecification: CpuCredits.STANDARD, // added }); // for NAT instance const natInstanceProvider = NatProvider.instance({ instanceType: InstanceType.of(InstanceClass.T3, InstanceSize.LARGE), machineImage: new AmazonLinuxImage(), creditSpecification: CpuCredits.STANDARD, // added }); new Vpc(stack, 'VPC', { natGatewayProvider: natInstanceProvider, }); ``` Closes #19166. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

#29235) Closes #29151. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

Automated changes by [create-pull-request](https://github.com/peter-evans/create-pull-request) GitHub action

…rved (#28607) This PR fixes that Internet Gateway will be created even if (all) public subnets are reserved. The `reserved` option is for not actually creating subnet resources. So IGW should not be created if all public subnets are reserved, because there is no public subnets in the VPC. It would be appropriate to consider the `reserved` option since [we originally did not want to create an IGW if there was no public subnets](https://github.com/aws/aws-cdk/blob/v2.118.0/packages/aws-cdk-lib/aws-ec2/lib/vpc.ts#L1493-L1497). Also, if this bug is not fixed, it will go to the [code where the NatGateway is created](https://github.com/aws/aws-cdk/blob/v2.118.0/packages/aws-cdk-lib/aws-ec2/lib/vpc.ts#L1513-L1517) without public subnets. (This will be stopped with another error, but...) Closes #28593. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

…alues (#29066) There are three `PredefinedMetricType` values missing from the enum: * SageMakerVariantProvisionedConcurrencyUtilization * SageMakerInferenceComponentInvocationsPerCopy * ElastiCacheDatabaseCapacityUsageCountedForEvictPercentage https://docs.aws.amazon.com/autoscaling/application/APIReference/API_PredefinedMetricSpecification.html Closes #29065. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

The regression test skipping mechanism doesn't seem to be working. Investigate what's going on by adding print logging. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

### Issue # (if applicable) Closes #29334 ### Reason for this change To support Amazon Linux 2023 nodegroup. ### Description of changes Allow the AmiType to select Amazon Linux 2023 for both x86_64 and ARM_64. ### Description of how you validated changes ```ts const mastersRole = new iam.Role(this, 'AdminRole', { assumedBy: new iam.AccountRootPrincipal(), }); const vpc = ec2.Vpc.fromLookup(this, 'Vpc', { isDefault: true }); const cluster = new eks.Cluster(this, 'Cluster', { vpc, mastersRole, kubectlLayer: new KubectlV29Layer(this, 'KubectlLayer'), version: eks.KubernetesVersion.V1_29, defaultCapacity: 0, }); cluster.addNodegroupCapacity('NG-X86', { amiType: eks.NodegroupAmiType.AL2023_X86_64_STANDARD, desiredSize: 1, }); cluster.addNodegroupCapacity('NG-ARM', { amiType: eks.NodegroupAmiType.AL2023_ARM_64_STANDARD, desiredSize: 1, }); ``` ```sh $ /tmp/kubectl get no NAME STATUS ROLES AGE VERSION ip-172-31-1-222.ec2.internal Ready <none> 4m53s v1.29.0-eks-5e0fdde ip-172-31-2-242.ec2.internal Ready <none> 4m46s v1.29.0-eks-5e0fdde ``` ``` $ /tmp/kubectl get nodes ip-172-31-1-222.ec2.internal -o jsonpath="{ .status.nodeInfo}" | jq -r . { "architecture": "amd64", "bootID": "f65b39c5-f1c6-4b75-8f62-8424c29302ca", "containerRuntimeVersion": "containerd://1.7.11", "kernelVersion": "6.1.77-99.164.amzn2023.x86_64", "kubeProxyVersion": "v1.29.0-eks-5e0fdde", "kubeletVersion": "v1.29.0-eks-5e0fdde", "machineID": "ec23037a57eb6be59d03137fbe1c2625", "operatingSystem": "linux", "osImage": "Amazon Linux 2023", "systemUUID": "ec23037a-57eb-6be5-9d03-137fbe1c2625" } $ /tmp/kubectl get nodes ip-172-31-2-242.ec2.internal -o jsonpath="{ .status.nodeInfo}" | jq -r . { "architecture": "arm64", "bootID": "a2d15e6f-c48c-474b-aad5-510712c41153", "containerRuntimeVersion": "containerd://1.7.11", "kernelVersion": "6.1.77-99.164.amzn2023.aarch64", "kubeProxyVersion": "v1.29.0-eks-5e0fdde", "kubeletVersion": "v1.29.0-eks-5e0fdde", "machineID": "ec2b26d85fe443884398704c3b82887b", "operatingSystem": "linux", "osImage": "Amazon Linux 2023", "systemUUID": "ec2b26d8-5fe4-4388-4398-704c3b82887b" } ``` ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

…rvices (#29275) ### Issue # (if applicable) Closes #18105. ### Reason for this change In April 2021, Fargate added support for [requesting additional ephemeral storage](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/fargate-task-storage.html#fargate-task-storage-pv14). Support for this feature has [been added](f1bf935#diff-dcfbc499b4d3c10afcd4e63ad0e4ecc54df2464e45af67f1fdae69d3fa2d43a0) to the aws-ecs package, but is still not supported by the aws-ecs-patterns package. ### Description of changes This code change adds an optional field `ephemeralStorageGiB` in `packages/aws-cdk-lib/aws-ecs-patterns/lib/base/fargate-service-base.ts`, after other fields like `cpu` and `memoryLimitMiB`. ### Description of how you validated changes Added unit tests and new integration tests. Created a simple CDK application with the new constructs, and verified that it synthesized and deployed correctly. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(release): 2.131.0 #29339

chore(release): 2.131.0 #29339

Commits on Feb 23, 2024

Commits on Feb 24, 2024

Commits on Feb 26, 2024

Commits on Feb 27, 2024

Commits on Feb 28, 2024

Commits on Feb 29, 2024

Commits on Mar 1, 2024