⚠ BREAKING CHANGES TO EXPERIMENTAL FEATURES
- eks: the
@aws-cdk/eks.KubectlLayerlayer class has been moved to@aws-cdk/lambda-layer-kubectl.KubectlLayer.
Features
- codebuild: add
webhookTriggersBatchBuildoption to third-party Git sources (#11743) (d9353b7), closes #11663 - codebuild: prevent using Secrets in plain-text environment variables (#12150) (998af8f)
- ecs: deployment circuit breaker support (#12168) (e8801a0)
- ecs-patterns: containerName for QueueProcessingEc2Service (88d4149), closes #10517
- Configre containerName for QueueProcessingFargateService (fad27f6)
- eks: aws-node-termination-handler for spot instances now pulls the image from public ECR (#12141) (c752fab), closes #12134
- eks: bundle kubectl, helm and awscli instead of SAR app (#12129) (63bc98f), closes #11874
- eks: option to disable manifest validation (#12012) (579b923), closes #11763
- eks: spot support for managed nodegroups (#11962) (6ccd00f), closes #11827
- elasticsearch: add support for version 7_8 and 7_9 (#12222) (09d1f6c), closes #12202
- elasticsearch: Support
EnableVersionUpgradeupdate policy (#12239) (14f8b06), closes #12210 - rds: add grantConnect for RDS Proxy (#12243) (eb45ca8), closes #10133
- rds: add support for setting public accessibility (#12164) (b8f48e5), closes #12093
- s3: option to auto delete objects upon bucket removal (#12090) (32e9c23), closes #3297 #9751
Bug Fixes
- codebuild: missing permissions for SecretsManager environment variables (#12121) (1a13d8f)
- codebuild: Project lacks permissions to its log destinations (#12213) (b92ed51), closes #11444 #12179
- codepipeline-actions: use codebuild batch iam permissions when
executeBatchBuild: true(#12181) (5279f37) - elasticsearch: domain configured with access policies and a custom kms key fails to deploy (#11699) (245ee6a)