cdk 1.68.0

v1.68.0

on Node.js Yarn

⚠ BREAKING CHANGES TO EXPERIMENTAL FEATURES

• config: scopeToResource(), scopeToResources() and scopeToTag() APIs have been removed. Use the ruleScope property to restrict the scope of a Config rule. fromResource(), fromResources() and fromTag() can be used from the RuleScope class.
• cloudfront: Distribution behaviors now enable compression by default
• cloudfront: Distribution forwardQueryString and forwardQueryStringCacheKeys have been removed in favor of cachePolicy and the new CachePolicy construct.
• cloudfront: Distributions now default to the "CachingOptimized" managed cache policy

Features

• apigateway: autodetermine the private integration uri (#10730) (46df4a7), closes #10435
• apigateway: grant methods to ApiKey (#10633) (23f77fd), closes #8060
• apigateway: metric methods for RestApi (#10667) (45b1e36), closes #8321
• apigateway: mTLS support (#10521) (eb2c568), closes #10487
• apigatewayv2: http api - metric methods for api and stage (#10686) (aae5d1d), closes #10325 #10726
• appsync: MappingTemplate.dynamoDbQuery - add ability to specify secondary index (#10647) (346dbf4)
• aws-ec2: vpc flow log s3 bucket prefix support (#10779) (11ce726), closes #10778
• aws-ecs-builder: add public ip support (#10646) (cf26821), closes #10644
• cfnspec: cloudformation spec v18.7.0 (#10864) (0bb133e)
• cloudfront: Distribution is now in Developer Preview (#10831) (fe8d5e6)
• cloudfront: support for cache policies (#10656) (5a97d27), closes #9644
• cloudfront: support for origin request policies (#10765) (08efc96), closes #10656 #10656 #9647
• codedeploy: Custom lambda deployment config (#10462) (60ab50f)
• cognito: user pool identity support for Google (#10649) (49ede22)
• config: convenience class with static constants for referencing AWS managed rules (#10834) (85738de)
• config: Scope class for scoping config rules to a specific resource, resource types, tags (#10821) (25eb1c2)
• config: the AWS Config Construct Library is now Generally Available (stable) (#10875) (88e1cd9)
• core: BundlingDockerImage now supports run() and cp() utilities (#9728) (37fdc94), closes #9329
• ec2: add c5a instance class (240d4b5)
• ec2: t4g instances (#10817) (5e0cd2b), closes #10816
• eks: Auto select AMI type for T4g instance type (#10360) (a4bac34), closes #10361
• eks: Support KubernetesVersion 1.18 (#10854) (25897d6), closes #10853
• events-targets: allow passing a role to the CodeBuild target (#10865) (f085a09)
• lambda-python: bundle dependencies in a lambda layer (#9582) (aebac92), closes #9406 #9944
• pipelines: support SecurityGroups for ShellScriptAction (#10770) (f9afbc5), closes #10621
• s3: Support virtual-hosted style bucket URLs (#10326) (227fb81), closes #10319
• secretsmanager: hosted rotation (#10790) (2cb8e22)

Bug Fixes

• cloudfront: compression disabled by default for Distribution (#10794) (3327b7f)
• codebuild: add BatchPutCodeCoverages permission to Project by default (#10835) (dec8e07)
• core: CfnCodeDeployBlueGreenHook outputs empty optional objects to the template (#10809) (d88f034), closes #10803
• core: partial wildcards don't work with selective bundling (#10767) (f7ce079), closes #10732
• dynamodb: grantTableListStreams() permissions have incorrect Resource (#10631) (b2f16b3), closes #9511
• ec2: VPN preSharedKey cannot be a Token (#10725) (55fa055), closes #10723
• events: cannot use tokens as event bus name (#10772) (8bee193), closes #10467
• lambda: grantInvoke on imported function fails (#10622) (99111f7), closes #8828 #10607
• lambda-nodejs: cache performance (#10763) (d34773f)
• s3: correct write permission with key decrypt (#10679) (c39cf95), closes #8947
• s3-deployment: User metadata was added with wrong prefix (x-amzn-meta-) (#10678) (6b3687c), closes #8459