⚠ BREAKING CHANGES TO EXPERIMENTAL FEATURES
- core: so this PR attempts to smooth a rough edge by "locking"
thelogicalIdwhenexportValueis called. If the user attempts to
override the id after that point, an error message will be thrown
Features
- cfnspec: cloudformation spec v73.1.0 (backport #20587) (#20592) (01711e8)
- cognito: OpenID Connect identity provider (#20241) (33acc7c)
- core:
addToRolePolicy()for custom resource provider (#20449) (7f2fccc) - lambda: add insights version 1.0.135.0 (#19588) (68761dc), closes /docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Lambda-Insights-extension-versionsx86-64.html#Lambda-Insights-extension-1 /docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Lambda-Insights-extension-versionsARM.html#Lambda-Insights-extension-ARM-1
- pipelines: pass role to s3 source action (#20576) (e2768e8), closes #20556
- s3: adds objectSizeLessThan property for s3 lifecycle rule (#20429) (2bf30df), closes #20425 #20372
Bug Fixes
- core: logicalId is consumed prior to being overridden (#20560) (e44c2c4), closes #14335
- ecr-assets: cannot build ARM images using modern stack synthesis (#20563) (9a23575), closes #20439
- ecs: canContainersAccessInstanceRole is ignored when passed in AsgCapacityProvider constructor (#20522) (dacefd6), closes #20293 #20293
- ecs: fix typo from fromServiceAtrributes to fromServiceAttributes (#20456) (f4439ce), closes #20458
- events-targets: EventBus IAM statements are only added for the first target (#20479) (74318c7), closes #19407
- iam: referencing the same immutable role twice makes it mutable (#20497) (264c02e), closes #7255
- lambda: function version ignores layer version changes (#20150) (f19ecef), closes #19098
- rds: clusters created from snapshots generate incorrect passwords (#20504) (4a87d39), closes #20434 #20473
- Default username in RoleSessionName (#20188) (b7bc10c), closes #19401 #7937 #19401