⚠ BREAKING CHANGES TO EXPERIMENTAL FEATURES
- cloudfront-origins: Default minimum origin SSL protocol for
HttpOrigin
andLoadBalancerOrigin
changed from SSLv3 to TLSv1.2. - apigatewayv2:
domainName
property underDomainName
has been
renamed toname
. - appmesh: the properties
dnsHostName
andawsCloudMap
ofVirtualNodeProps
have been replaced with the propertyserviceDiscovery
- kms: change the default value of trustAccountIdentities to true,
which will result in the key getting the KMS-recommended default key
policy. This is enabled through the '@aws-cdk/aws-kms:defaultKeyPolicies'
feature flag.
Features
- appmesh: add ClientPolicy to VirtualNode, VirtualGateway and VirtualService (#11563) (bfee58c)
- appmesh: change Virtual Node service discovery to a union-like class (#11926) (f75c264)
- appsync: support appsync functions for pipelineConfig (#10111) (cb703c7), closes #9092
- batch: Log configuration for job definitions (#11771) (84c959c), closes #11218
- cloudfront: responseHttpStatus defaults to httpStatus in errorResponses (#11879) (c6052ae)
- cloudfront: the Distribution construct is now Generally Available (stable) (#11919) (442bf7e)
- cloudfront-origins: ability to specify minimum origin SSL protocol (#11997) (a0aa61d), closes #11994
- cloudfront-origins: CloudFront Origins is now Generally Available (#12011) (daace16), closes #11919
- codeguruprofiler: the CodeGuru Profiler Construct Library is now Generally Available (stable) (#11924) (cbe7a10)
- ecs: introduce a new Image type, TagParameterContainerImage, to be used in CodePipeline (#11795) (4182c40), closes #1237 #7746
- eks: kubernetes resource pruning (#11932) (1fdd549), closes #10495
- kms: change default key policy to align with KMS best practices (under feature flag) (#11918) (ff695da), closes #5575 #8977 #10575 #11309
- s3: add support to set bucket OwnershipControls (#11834) (0d289cc), closes #11591
Bug Fixes
- apigateway: base path url cannot contain upper case characters (#11799) (8069a7e)
- cfn-include: cfn-include fails in monocdk (#11595) (45e43f2), closes #11342
- cli: cross-account deployment no longer works (#11966) (6fb3448), closes #11350 #11792 #11792
- codebuild: incorrect SSM Parameter ARN in Project's IAM permissions (#11917) (7a09c18), closes #9980
- core: autogenerated exports do not account for stack name length (#11909) (0df79a2), closes #9733
- ecs: cannot disable container insights of an ECS cluster (#9151) (e328f22), closes #9149
- eks: kubectl provider out-of-memory for large manifests/charts (now 1GiB) (#11957) (2ec2948), closes #11787
- synthetics:
metricFailed
usesAverage
instead ofSum
by default (#11941) (3530e8c) - apigatewayv2: rename 'domainName' to 'name' in the DomainName construct (#11989) (1be831a)