aws/aws-cdk v1.65.0

on GitHub

⚠ BREAKING CHANGES TO EXPERIMENTAL FEATURES

• aws-appmesh: VirtualNode no longer has accessLog set to "/dev/stdout" by default

• cognito: refreshToken property is now removed from
  UserPoolClient. It will be included if any other authFlow is enabled.

• synthetics: the default runtime is now syn-nodejs-2.0

• eks: cluster.addChart renamed to cluster.addHelmChart

• eks: NodegroupOptions.launchTemplate renamed to NodegroupOptions.launchTemplateSpec

• eks: cluster.addAutoScalingGroup renamed to cluster.connectAutoScalingGroupCapacity

• eks: cluster.addNodegroup renamed to cluster.addNoedgroupCapacity

• eks: cluster.addCapacity renamed to cluster.addAutoScalingGroupCapacity

• eks: CapacityOptions renamed to AutoScalingGroupCapacityOptions. Resolves #10364

• rds: the default generated password exclude characters set for Instance, Cluster and DatabaseSecret is now " %+~`#$&*()|[]{}:;<>?!'/@\"\\"

• rds: the default generated password exclude characters for addSingleUserRotation() and addMultiUserRotation() in Cluster and Instance is now " %+~`#$&*()|[]{}:;<>?!'/@\"\\"

• rds: Instance.addSingleUserRotation() now takes options object as the first argument, instead of just Duration

• rds: Cluster.addSingleUserRotation() now takes options object as the first argument, instead of just Duration

• rds: SnapshotCredentials.fromGeneratedPassword() now takes an option object as the second argument, instead of just IKey

• rds: DatabaseInstanceProps and DatabaseInstanceFromSnapshotProps -
  masterUsername, masterUserPassword and masterUserPasswordEncryptionKey moved
  to credentials as a new Credentials class.

• rds: Login renamed to Credentials. Use Credentials.fromUsername to replace existing usage.

• rds: DatabaseClusterProps masterUser renamed to credentials.

Features

• aws-appmesh: adds access logging configuration to Virtual Nodes (#10490) (e96b5aa)
• aws-ecs-builder: RFC 219 - An extendable service class for AWS ECS (#10129) (d95af00)
• batch: Importing a JobDefinition from name using fromJobDefinitionName (#10448) (7ce91e8), closes #7172
• cognito: import existing user pool domain (#10550) (37e2c35), closes #9988
• core: add parseDomainName to Fn class (#10465) (799da48), closes #5433
• ec2: c6 graviton2 instance classes (#10558) (0d4d44f), closes #10372
• ecs-patterns: allow passthrough of security groups to service (#10501) (e349004), closes #8953
• eks: EKS is now in Developer Preview (#10518) (b2ce3aa)
• elasticsearch: L2 for ElasticsearchDomain (#8369) (33ce50f)
• lambda: kafka topic as an event source (#10445) (dac1e12)
• lambda-event-sources: dead letter queue and filter policy for sns event source (#10567) (d70808b)
• pipelines: allow disabling of KMS keys (#10396) (1f7311f), closes #10115 #10474
• pipelines: Allow specifying a VPC for pipelines.CdkPipeline, standardNpmSynth, and standardYarnSynth (#10453) (2e0824b), closes #9982
• rds: add support for update and backup properties to Cluster instances (#10324) (4a4c154), closes #9926 #10092
• rds: add the ability to exclude characters when generating passwords for Cluster, Instance, DatabaseSecret (3b88256), closes #4144
• rds: construct for Aurora Serverless Clusters (#10516) (0d7d07e), closes #929
• add configuration for GitHub CodeSpaces (#10470) (bf3cc21), closes #10447
• rds: support setting database master users from existing secrets (#10458) (c7c7851), closes #7927
• rds: the RDS Construct Library is now Generally Available (#10610) (ccfa73f)
• rds: the unversioned Cluster engine constants are no longer deprecated (#10605) (86e6455)
• s3: support replication and restore s3 notification event types (#10552) (ee0db39), closes #10498
• support the 'Description' resource attribute (#10522) (d68ce2f)
• stepfunctions-tasks: support for SageMaker APIs: CreateEndpoint, CreateEndpointConfig, CreateModel, and UpdateEndpoint (#10187) (84738ee)
• synthetics: syn-nodejs-2.0 runtime (#10574) (a3c41ae)

Bug Fixes

• appsync: multiple interface types generates invalid schema (#10481) (6f2d393), closes #10479
• cfn-include: Fn::GetAtt with a string argument fails to include (#10546) (6a24026)
• cli: listing same stack multiple times fails (#10554) (44c1f20), closes #9667
• cli: OS usernames cannot have Unicode characters (#10451) (635f0ed), closes #10401
• cloudfront: logging bucket uses regional domain name (#10570) (19dd454), closes #2554 #10512
• codebuild: encryptionKey cannot be disabled (#10474) (4aadaa7)
• codepipeline-actions: use token as CodeCommitSourceAction branch (#10463) (94bbabf), closes #10263
• cognito: authFlows require refreshToken in all scenarios (#10561) (c0a3cb4), closes #7625
• cognito: callback URLs are specified when OAuth is disabled for user pool clients (#10588) (fbd48b2), closes #10311
• core: bundling with staging disabled returns a relative path (#10507) (e9b5b8c), closes #9576 #10367
• core: properties set to false are not rendered in the template (#10539) (b42d4e9), closes #10455
• core: write Metadata resource in core framework (#10306) (fb39803)
• pipelines: stack tags (#10533) (97bfd10), closes #9260
• rds: allow creating Proxies for imported resources (#10488) (c502114), closes #9195
• rds: default username 'admin' doesn't work for PostgreSQL (#10597) (8a04014), closes #10458 #10579
• secretsmanager: cannot import secrets by ARN without suffix (#10609) (3a1d38e), closes #10604
• secretsmanager: cannot import secrets if ARN is a token (#10568) (350105a), closes #10309 #10520
• stepfunctions: JsonPath does not support path with array (#10553) (07d14ae), closes #9403
• stepfunctions: States.ALL doesn't appear last in Retry and Catch arrays (#10538) (a8d7282), closes #10530