Features
- appsync: L2 construct for EventBridge DataSource. (#25369) (a0ad49d), closes #24809
- cfnspec: cloudformation spec v120.0.0 (#25354) (9096602)
- codebuild: add support for
aws/codebuild/amazonlinux2-aarch64-standard:3.0(#25351) (0d187c1), closes #25334 - ec2: Prefixlist Constructs (#25252) (b2dfac0), closes #24714
- ec2: restrict access to default security group (under feature flag) (#25297) (d8272ef), closes /docs.aws.amazon.com/securityhub/latest/userguide/ec2-controls.html#ec2-2 #19394
- events: Validate events rule name (#25366) (5bdb012), closes #25352
- rds: add missing PerformanceInsightRetention options (#25347) (1dbae20)
Bug Fixes
- api-gateway: add validation to
variablesproperty onStageresource (#25267) (04427e3), closes #3635 - apigateway: cannot use requestValidatorOptions multiple times (under feature flag) (#25324) (2a49fd1), closes #7613
- batch:
ManagedEc2EcsComputeEnvironmentinstance role missing managed policy (#25279) (c81d115), closes #25256 - batch: JobQueue uses wrong id for underlying CfnJobQueue (#25269) (4cbb790), closes #25248
- core: output folder checksum is computed unnecessarily (#25392) (f2294ba)
- ecs: Allow scheduling DAEMON services even if no EC2 capacity attached to cluster (#25306) (#25328) (96bb8ce)
- elasticloadbalancingv2: the bucket policy for ELB access logging is too permissive (#25345) (748e685), closes /docs.aws.amazon.com/securityhub/latest/userguide/s3-controls.html#s3-6
- iam: Role.fromRoleName fails on AWS created roles (#25389) (4c9ce9b)
- integ-tests: allow multiple AwsApiCalls with the same action and different parameters (#25241) (75967e1), closes #25014
- s3-deployment: doesn't work in ADC regions (#25363) (432af34)
- dns-validated-cert cr doesn't use node16 (#25348) (ad71026), closes #25335