aws/aws-cdk v2.237.0

on GitHub

⚠ BREAKING CHANGES

• iam: Receivers of IEncryptedResource objects now have fewer guarantees about the shape of the object. If you still require an IResource, change the type to IEncryptedResource & IResource and/or add a type guard check using Resource.isResource(). Implementations of IEncryptedResource no longer need to implement IResource but must continue to implement IEnvironmentAware. Since IResource extends IEnvironmentAware, there is no change for implementors. Calls to GrantableResources.isEncryptedResource() now require an IEnvironmentAware argument instead of IConstruct.

Features

• eks: add OidcProviderNative using L1 and deprecate OpenIdConnectProvider custom resource (#36589) (09383cb)
• eks: add support overwriteServiceAccount prop in service account construct (#36751) (3aa38f6)
• kms: make trustAccountIdentities optional in KeyGrants (#36786) (06676ac)
• lambda: add observability support for kafka event source mappings (#36808) (dd8b419)
• update L1 CloudFormation resource definitions (#36799) (7ecd0a9)
• opensearchservice: support OI2 instance type with local NVMe storage (#36700) (034baf3), closes #36698

Bug Fixes

• iam: IEncryptedResource extends IEnvironmentAware instead of IResource (#36787) (90ad834)

Alpha modules (2.237.0-alpha.0)

Features

• bedrock-agentcore-alpha: add support for custom claims and scopes to runtime/gateway authorizers (#36810) (a3abcd0)
• eks-v2-alpha: pass additional helm chart values to aws-load-balancer-controller (#36754) (cf61814), closes /github.com/kubernetes-sigs/aws-load-balancer-controller/blob/main/helm/aws-load-balancer-controller/values.yaml#L199
• mixins-preview: align Mixins API with latest RFC proposal (#36825) (82c2fdb)
• mixins-preview: handle destination bucket with KMS keys (#36776) (950401f)

Bug Fixes

• bedrock-agentcore-alpha: construct ID collision when multiple schemas are set (#36565) (9ebfb62), closes #36559