Skip to content

Latest commit

 

History

History
2208 lines (1726 loc) · 377 KB

CHANGELOG.v2.md

File metadata and controls

2208 lines (1726 loc) · 377 KB

Changelog

All notable changes to this project will be documented in this file. See standard-version for commit guidelines.

2.27.0 (2022-06-02)

⚠ BREAKING CHANGES TO EXPERIMENTAL FEATURES

  • core: so this PR attempts to smooth a rough edge by "locking" the logicalId when exportValue is called. If the user attempts to override the id after that point, an error message will be thrown

Features

Bug Fixes

2.26.0 (2022-05-27)

Features

Bug Fixes

2.25.0 (2022-05-20)

Features

Bug Fixes

2.24.1 (2022-05-12)

2.24.0 (2022-05-11)

Features

Bug Fixes

  • cognito: UserPoolDomain.baseUrl() does not return FIPS-compliant url for gov cloud regions (#20200) (dd10df1), closes #20182 #12500
  • stepfunctions: map property maxConcurrency is not token-aware (#20279) (14be764), closes #20152

2.23.0 (2022-05-04)

Features

Bug Fixes

2.22.0 (2022-04-27)

Features

  • aws-cognito: send emails with a verified domain (#19790) (1d2b1d3), closes #19762
  • aws-eks: add annotations and labels to service accounts (#19609) (82aec9d), closes #19607
  • cloudwatch: expose dashboardArn for CloudWatch dashboard L2 construct (#20059) (df9814f)
  • rds: allow DatabaseClusterFromSnapshot to set copyTagsToSnapshot property (#19932) (40a6ceb), closes #19884

Bug Fixes

2.21.1 (2022-04-22)

Bug Fixes

  • imagebuilder: revert property field typings (5e4dca2)

2.21.0 (2022-04-22)

Features

Bug Fixes

Reverts

2.20.0 (2022-04-07)

Features

Bug Fixes

  • aws_applicationautoscaling: Add missing members to PredefinedMetric enum (#18978) (75a6fa7), closes #18969
  • cli: apps with many resources scroll resource output offscreen (#19742) (053d22c), closes #19160
  • cli: support attributes of DynamoDB Tables for hotswapping (#19620) (2321ece), closes #19421
  • cloudwatch: automatic metric math label cannot be suppressed (#17639) (7fa3bf2)
  • codedeploy: add name validation for Application, Deployment Group and Deployment Configuration (#19473) (9185042)
  • codedeploy: the Service Principal is wrong in isolated regions (#19729) (7e9a43d), closes #19399
  • core: Fn.select incorrectly short-circuits complex expressions (#19680) (7f26fad)
  • core: detect and resolve stringified number tokens (#19578) (7d9ab2a), closes #19546 #19550
  • core: reduce CFN template indent size to save bytes (#19656) (fd63ca3)
  • ecs: 'desiredCount' and 'ephemeralStorageGiB' cannot be tokens (#19453) (c852239), closes #16648
  • ecs: remove unnecessary error when adding volume to external task definition (#19774) (5446ded), closes #19259
  • iam: policies aren't minimized as far as possible (#19764) (876ed8a), closes #19751
  • logs: Faulty Resource Policy Generated (#19640) (1fdf122), closes #17544

2.19.0 (2022-03-31)

Features

  • aws-ec2: Enable/disable EC2 "Detailed Monitoring" (#19437) (94f9d27)
  • core: add size.isUnresolved (#19569) (ed26731)
  • ecs-patterns: PlacementStrategy and PlacementConstraint for many patterns (#19612) (0096e67)
  • elbv2: use addAction() on an imported application listener (#19293) (18a6b0c), closes #10902
  • lambda: warn if you use function.grantInvoke while also using currentVersion (#19464) (fd1fff9), closes #19273 #19318

Bug Fixes

2.18.0 (2022-03-28)

Features

Bug Fixes

2.17.0 (2022-03-17)

Features

Bug Fixes

  • cli: failure to load malformed YAML is swallowed (#19338) (1875c28), closes #19335
  • lambda-event-sources: increase batch size restriction (#19317) (1bc5144), closes #19285
  • lambda-nodejs: cannot use esbuildArgs with older esbuild versions (#19343) (59a4d81)
  • stepfunctions-tasks: migrate from deprecated batch properties (#19298) (75f5b3b), closes #18993

2.16.0 (2022-03-11)

Features

Bug Fixes

  • aws-apigateway: missing comma to make failure response payload valid json (#19253) (b1fce4f), closes #19252
  • aws-route53-targets: add support for custom cname_prefix urls in elastic beanstalk environment endpoint target (#18804) (289a794)
  • cli: watch logs always end with the 'truncated' message (#19241) (d3fdfe5), closes #18805
  • cli: deprecated stack ids printed at the end of synth (#19216) (7d8a479), closes #18599
  • cli: notices refresh doesn't respect the --no-notices flag (#19226) (b3c5fe8)
  • efs: fix bug when setting both lifecyclePolicy and outOfInfrequentAccessPolicy (#19082) (d435ab6), closes #19058
  • lambda-nodejs: local tsc detection with pre compilation (#19266) (5de7b86), closes #19242
  • rds: allow cluster from snapshot to enable encrypted storage (#19175) (bd4141d), closes #17241
  • rds: read replica instance cannot join domain (#19202) (cef8fec), closes #18786
  • rds: subnet selection not respected for multi user secret rotation (#19237) (dc7a17c), closes #19233

2.15.0 (2022-03-01)

Features

Bug Fixes

2.14.0 (2022-02-25)

Features

Bug Fixes

  • cli: hotswapping is slow for many resources deployed at once (#19081) (040238e), closes #19021
  • s3-notifications: notifications allowed with imported kms keys (#18989) (7441418)
  • API compatibility check fails in CI pipeline (#19069) (6ec1005), closes #19070
  • cloudfront: trim autogenerated cache policy name (#18953) (c7394c9), closes #18918
  • elasticloadbalancingv2: validate port/protocol are not provided for lambda targets (#19043) (64d26cc), closes #12514
  • route53: fix cross account delegation deployment dependency (#19047) (692a0d0), closes #19041

2.13.0 (2022-02-18)

Features

Bug Fixes

2.12.0 (2022-02-08)

⚠ BREAKING CHANGES TO EXPERIMENTAL FEATURES

  • cxapi: of behavior.

Instead, this PR gets rid of the entire set of FUTURE_FLAGS_DEFAULTS set to false -- there's no point to having them anyway, and it gets rid of the associated merge conflicts.

Also shore up the docs for these flags a little.

Miscellaneous Chores

  • cxapi: reduce merge conflicts in feature flags (#18411) (dcdb58a)

2.11.0 (2022-02-08)

Features

Bug Fixes

  • core: correctly reference versionless secure parameters (#18730) (9f6e10e), closes #18729
  • ec2: UserData.addSignalOnExitCommand does not work in combination with userDataCausesReplacement (#18726) (afdc550), closes #12749
  • tooling: update vscode devcontainer image (#18455) (28647f7)
  • vpc: Vpc.fromLookup should throw if subnet group name tag is explicitly given and does not exist (#18714) (13e1c7f), closes #13962

Reverts

2.10.0 (2022-01-29)

Features

Bug Fixes

  • aws-apigateway: cross region authorizer ref (#18444) (0e0a092)
  • aws-lambda-nodejs: pre compilation with tsc is not being run (#18062) (7ac7221), closes #18002
  • cli: hotswap should wait for lambda's updateFunctionCode to complete (#18536) (0e08eeb), closes #18386 #18386
  • elasticloadbalancingv2: ApplicationLoadBalancer.logAccessLogs does not grant all necessary permissions (#18558) (bde1795), closes #18367
  • pipelines: undeployable due to dependency cycle (#18686) (009d689), closes #18492 #18673
  • region-info: incorrect codedeploy service principals (#18505) (16db963)
  • route53: add RoutingControlArn to HealthCheck patch (#18645) (c58e8bb), closes #18570
  • s3: add missing safe actions to grantWrite, grantReadWrite and grantPut methods (#18494) (940d043), closes #13616
  • secretsmanager: SecretRotation for secret imported by name has incorrect permissions (#18567) (9ed263c), closes #18424
  • stepfunctions: task token integration cannot be used with API Gateway (#18595) (678eede), closes #14184 #14181
  • stepfunctions-tasks: cluster creation fails with unresolved release labels (#18288) (9940952)

2.9.0 (2022-01-26)

Features

Bug Fixes

  • apigateway: enabled property of ApiKeyProps is ignored (#18407) (c31f9b4)
  • applicationautoscaling: typo in DYANMODB_WRITE_CAPACITY_UTILIZATION (#18085) (626e6aa), closes #17209
  • assertions: object partiality is dropped passing through arrays (#18525) (eb29e6f)
  • cli: cdk watch constantly prints 'messages suppressed' (#18486) (9b266f4), closes #18451
  • cli: warning to upgrade to bootstrap version >= undefined (#18489) (da5a305)
  • ec2: interface endpoints do not work with Vpc.fromLookup() (#18554) (f55cd2b), closes #17600
  • ec2: launch template names in imdsv2 not unique across stacks (under feature flag) (#17766) (2a80e4b)
  • ecs: only works in 'aws' partition (#18496) (525ac07), closes #18429
  • ecs-patterns: Fix Network Load Balancer Port assignments in ECS Patterns (#18157) (1393729), closes #18073
  • elbv2: BaseLoadBalancer.vpc is not optional (#18474) (f511c17), closes aws/jsii#3342
  • pipelines: "Maximum schema version supported" error (#18404) (a684ff4), closes #18370
  • pipelines: CodeBuild projects are hard to tell apart (#18492) (f6dab8d)
  • pipelines: graphnode dependencies can have duplicates (#18450) (2b0b5ea)
  • secretsmanager: Secret requires KMS key for some same-account access (#17812) (91f3539), closes #15450

Reverts

2.8.0 (2022-01-13)

Features

  • aws-s3: support number of newer versions to retain in lifecycle policy (#18225) (e1731b1), closes #17996 #17996
  • cli: watch streams resources' CloudWatch logs to the terminal (#18159) (a9038ae), closes #18122
  • ecs-service-extensions: Enable default logging to CloudWatch for extensions (under feature flag) (#17817) (06666f4)

Bug Fixes

2.7.0 (2022-01-12)

Features

Bug Fixes

2.6.0 (2022-01-12)

Bug Fixes

  • appmesh: allow a Virtual Node have as a backend a Virtual Service whose provider is that Node (#18265) (272b6b1), closes #17322

2.5.0 (2022-01-09)

Bug Fixes

  • aws-kinesis: remove default shard count when stream mode is on-demand and set default mode to provisioned (#18221) (cac11bb), closes #18139
  • cli: breaks due to faulty version of colors (#18324) (#18328) (b851bc3)

2.4.0 (2022-01-06)

⚠ BREAKING CHANGES TO EXPERIMENTAL FEATURES

  • cfn2ts: some "complex" property types within the generated CloudFormation interfaces (i.e: properties of Cfn* constructs) with names starting with a capital letter I followed by another capital letter are no longer incorrectly treated as behavioral interfaces, and might hence have different usage patterns in non-TypeScript languages. Such interfaces were previously very difficult to use in non-TypeScript languages, and required convoluted workarounds, which can now be removed.
  • opensearchservice: imported domain property domainEndpoint used to contain https:// prefix, now the prefix is dropped and it returns the same value as a domainEndpoint on a created domain

Features

Bug Fixes

Reverts

  • cfnspec: add CloudFormation documentation to L1 classes (#18177) (2530016)

2.3.0 (2021-12-22)

2.2.0 (2021-12-15)

Features

Bug Fixes

2.1.0 (2021-12-08)

Features

Bug Fixes

  • aws-cdk: cdk diff always fails on diff (#17862) (6bb4a46), closes #4721
  • aws-ec2: imported VPC subnets never recognized as PRIVATE_ISOLATED (#17496) (ba6a8ef)
  • aws-elasticloadbalancingv2: Set stickiness.enabled unless target type is lambda (#17271) (168a98f), closes #17261
  • cli: S3 asset uploads are rejected by commonly referenced encryption SCP (introduces bootstrap stack v9) (#17668) (8191f1f), closes #11265
  • codepipeline: cannot trigger on all tags anymore in EcrSourceAction (#17270) (39fe11b), closes aws#13818 aws#13818
  • codepipeline: cross-env pipeline cannot be created in Stage (#17730) (f17f29e), closes #17643
  • core: bundling skipped with --exclusively option and stacks under stage (#17210) (cda6601), closes #12898 #15346
  • docdb: secret rotation ignores excluded characters in password (#17609) (1fe2215), closes #17347 #17575
  • dynamodb: add missing DynamoDB operations to enum (#17738) (f38e0ac)
  • dynamodb: changing waitForReplicationToFinish fails deployment (#17842) (36b8fdb), closes #16983
  • ecs-patterns: removeDefaultDesiredCount feature flag not expired properly (#17865) (7fb639a)
  • lambda: recognizeVersionProps featureFlag not defaulting correctly (#17866) (f19fc39), closes #17810
  • lambda-nodejs: bundling fails with a file dependency in nodeModules (#17851) (5737c33), closes #17830
  • lambda-nodejs: bundling with nodeModules fails with paths containing spaces (#17632) (986f291), closes #17631
  • pipelines: stack outputs used in stackSteps not recognized (#17311) (5e4a219), closes #17272
  • stepfunctions: prefixes not appended to states in parallel branches (#17806) (a1da772), closes #17354

2.0.0 (2021-12-02)

Features

  • aws-cdk-lib is now stable! (fa2ecc9)

2.0.0-rc.33 (2021-11-26)

2.0.0-rc.32 (2021-11-25)

2.0.0-rc.31 (2021-11-23)

Features

Bug Fixes

  • apigateway: SAM CLI asset metadata missing from SpecRestApi (#17293) (841cf99), closes #14593
  • assets: add missing SAM asset metadata information (#17591) (55df760), closes #14593
  • assets: SAM asset metadata missing from log retention and custom resource provider functions (#17551) (a90e959)
  • autoscaling: add timezone property to Scheduled Action (#17330) (3154a58)
  • aws-codebuild: add @aws-cdk/asserts to package deps (#17435) (9c77e94)
  • aws-ecs: check for invalid capacityProviderName (#17291) (6e2fde4), closes #17321
  • aws-lambda-event-sources: Function.addEventSource fails for ManagedKafkaEventSource typed parameters (#17490) (a474ee8)
  • aws-logs: include new policy.ts exports in index.ts exports (#17403) (a391468)
  • cli: improve asset publishing times by up to 30% (#17409) (40d6a48), closes #17266
  • cli: skip bundling for the 'watch' command (#17455) (af61b7f), closes #17391
  • cloudwatch: render agnostic alarms in legacy style (#17538) (7c50ef8)
  • ec2: Duplicate EIP when NatGatewayProps.eipAllocationIds is provided (#17235) (050f6fa)
  • eks: Allow specifying subnets in Pinger (#17429) (6acee52)
  • kinesis: add required rights to trigger Lambda from Kinesis. Fixes issue #17312. (#17358) (0bfc15c)
  • lambda: SAM CLI asset metadata missing from image Functions (#17368) (f52d9bf)
  • NestedStack: add asset metadata to NestedStack resources for local tooling (#17343) (4ba40dc)
  • opensearch: correctly validate ebs configuration against instance types (#16911) (34af598), closes #11898
  • s3-deployment: updating memoryLimit or vpc results in stack update failure (#17530) (2ba40d1), closes #7128
  • sns-subscriptions: enable cross region subscriptions to sqs and lambda (#17273) (3cd8d48), closes #7044 #13707
  • ssm: fix service principals for all regions since ap-east-1 (#17047) (5900548), closes #16188

2.0.0-rc.30 (2021-11-17)

2.0.0-rc.29 (2021-11-10)

2.0.0-rc.28 (2021-11-09)

Features

Bug Fixes

Reverts

2.0.0-rc.27 (2021-10-27)

Features

Bug Fixes

  • rds: using both Instance imports & exports for Postgres fails deployment (#17060) (ab627c6), closes #16757

2.0.0-rc.26 (2021-10-25)

Bug Fixes

2.0.0-rc.25 (2021-10-22)

Features

Bug Fixes

2.0.0-rc.24 (2021-10-13)

Features

  • aws-chatbot: allow adding a sns topic in existing SlackChannel (#16643) (d29a20b), closes #15588
  • aws-ec2: userdata cfn-signal signal resource which is different than the attached resource (#16264) (f24a1ae)
  • backup: expose method to add statements to the vault policy (#16597) (3ff1537)
  • backup: option to prevent recovery point deletions (#16282) (6e71806)
  • cfnspec: cloudformation spec v41.1.0 (#16472) (28875f9)
  • cfnspec: cloudformation spec v41.1.0 (#16524) (124a7a1)
  • cfnspec: cloudformation spec v41.2.0 (#16550) (e047bd8)
  • cfnspec: cloudformation spec v42.0.0 (#16639) (2157acd)
  • cfnspec: cloudformation spec v43.0.0 (#16748) (7c473a6)
  • cfnspec: cloudformation spec v43.0.0 (#16820) (071756c)
  • cfnspec: cloudformation spec v43.0.0 (#16842) (ebb211b)
  • cli: hotswap deployments for ECS Services (#16864) (ad7288f)
  • cli: hotswap deployments for StepFunctions State Machines (#16489) (c3417f6)
  • cloudfront: support Behavior-specific viewer protocol policy for CloudFrontWebDistribution (#16389) (5c028c5), closes #7086
  • cloudwatch: support cross-environment search expressions (#16539) (c165138), closes #9039
  • config: EC2_INSTANCE_PROFILE_ATTACHED managed rule (#16011) (816a319)
  • ec2: add X2gd instances (#16810) (6d468d2), closes #16794
  • ec2/ecs: cacheInContext properties for machine images (#16021) (430f50a), closes #12484
  • ecr-assets: control docker image asset hash (#16070) (13f67e7), closes #15936
  • ecs-service-extensions: Publish Extension (#16326) (c6c5941)
  • eks: connectAutoScalingGroupCapacity on imported clusters (#14650) (7f7be08)
  • eks: add warning to fargateProfile (#16631) (41fdebb), closes #16349
  • elbv2: support ALB target for NLB (#16687) (27cc821), closes #16679
  • lambda: configure workdir for docker image based functions (#16111) (b3eafc2)
  • lambda: docker platform for architecture (#16858) (5c258a3)
  • lambda: support for ARM architecture (b3ba35e)
  • lambda: support for ARM architecture (#16719) (67b4921)
  • lambda: use bundling docker image from ECR public for dotnet and go runtimes (#16281) (9bbfd18)
  • lambda-event-sources: self managed kafka: support sasl/plain authentication (#16712) (d4ad93f)
  • opensearch: rebrand Elasticsearch as OpenSearch (e6c4ca5), closes aws/aws-cdk#16467
  • opensearch: rebrand Elasticsearch as OpenSearch (#16517) (fad855e)
  • pipeline: allow enabling KMS key rotation for cross-region Stacks (#16468) (2a629dd), closes #14381
  • pipelines: stack-level steps (#16215) (d499c85), closes #16148
  • rds: region replication for generated secrets (#16497) (1e9d8be), closes #16480
  • s3-deployment: enable efs support for handling large files in lambda (#15220) (2737119)
  • sns: adding support for firehose subscription protocol (#15764) (18aff6b)
  • stepfunctions-tasks: add step concurrency level to EmrCreateCluster (#15242) (1deea90), closes #15223
  • stepfunctions-tasks: AWS SDK service integrations (#16746) (ae840ff), closes #16780
  • allow stale bot trigger manually (#16586) (fc8cfee)
  • stepfunctions-tasks: support Associate Workflow Executions on StepFunctionsStartExecution via associateWithParent property (#16475) (7d3b90b), closes #14778

Bug Fixes

Reverts

  • aws-eks: "fix(aws-eks): Support for http proxy in EKS onEvent lambda" (#16651) (376c837)

2.0.0-rc.23 (2021-09-22)

2.0.0-rc.22 (2021-09-15)

2.0.0-rc.21 (2021-09-08)

Features

Bug Fixes

  • aws-rds: fromDatabaseInstanceAttributes incorrectly stringifies ports with tokens (#16286) (41b831a), closes #11813
  • core: allow asset bundling when selinux is enabled (#15742) (dbfebb4)
  • core: inconsistent analytics string across operating systems (#16300) (ff6082c), closes #15322
  • docs: unnecessary log group in Step Functions state machine x-ray example (#16159) (04d4547)
  • elasticloadbalancingv2: target group health check does not validate interval versus timeout (#16107) (a85ad39), closes #3703
  • s3: bucket is not emptied before update when the name changes (#16203) (b1d69d7), closes #14011

Reverts

2.0.0-rc.20 (2021-09-01)

Features

Bug Fixes

  • (aws-ec2): fix vpc endpoint incorrect issue in China region (#16139) (0d0db38), closes #9864
  • resourcegroups: ResourceGroup not using TagType.STANDARD, causes deploy failure (#16211) (cdee1af), closes #12986
  • sqs: unable to import a FIFO queue when the queue ARN is a token (#15976) (a1a65bc), closes #12466
  • ssm: StringParameter.fromStringParameterAttributes cannot accept version as a numeric Token (#16048) (eb54cd4), closes #11913

2.0.0-rc.19 (2021-08-25)

Features

Bug Fixes

  • KubectlHandler - insecure kubeconfig warning (#16063) (82dd282), closes #14560
  • cfnspec: changes to resource-level documentation not supported (#16170) (82e4b4f)
  • cli: 'deploy' and 'diff' silently does nothing when given unknown stack name (#16073) (f35b032), closes #15866
  • cli: Python init template does not work in directory with '-' (#15939) (3b2c790), closes #15938
  • cli: unknown command pytest in build container fails integration tests (#16134) (0f7c0b4), closes #15939
  • ec2: opaque error when insufficient NAT EIPs are configured (#16040) (a308cac), closes #16039
  • events: cross-account event targets that have a Role are broken (#15717) (f570c94), closes #15639
  • s3-deployment: BucketDeployment doesn't validate that distribution paths start with "/" (#15865) (f8d8795), closes #9317
  • ses: drop spam rule appears in the incorrect order (#16146) (677fedc), closes #16091

Reverts

2.0.0-rc.18 (2021-08-18)

Features

Bug Fixes

2.0.0-rc.17 (2021-08-11)

Features

Bug Fixes

  • aws-cloudwatch: unable to use generic extended statistics for cloudwatch alarms (#15720) (f593311)
  • aws-eks: Allow desiredsize minsize and maxsize to accept CfnParameters. (#15487) (fb43769)
  • chatbot: ARN validation in fromSlackChannelConfigurationArn fails for tokenized values (#15849) (440ca35), closes #15842
  • cli: move fail option into the diff command (#15829) (473c1d8)
  • ec2: volumename doesn't set name of volume (#15832) (b842702), closes #15831
  • elasticsearch: advancedOptions in domain has no effect (#15330) (81cbfec), closes #14067
  • elasticsearch: slow logs incorrectly disabled for Elasticsearch versions lower than 5.1 (#15714) (91cf79b), closes #15532 #15532
  • elbv2: unresolved listener priority throws error (#15804) (fce9ac7)
  • pipelines: new pipeline stages aren't validated (#15665) (309b9b4)
  • pipelines: permissions check in legacy API does not work (#15660) (5e3cf2b)
  • pipelines: Prepare stage doesn't have AUTO_EXPAND capability (#15819) (a6fac49), closes #15711
  • pipelines: Secrets Manager permissions not added to asset projects (#15718) (7668400), closes #15628
  • s3: notifications are broken in some regions (#15884) (ee19196)
  • stepfunctions: non-object arguments to recurseObject are incorrectly treated as objects (#14631) (e133bca), closes #12935 aws-cdk/aws-stepfunctions/lib/input.ts#L65
  • stepfunctions-tasks: instance type cannot be provided to SageMakerCreateTransformJob as input path (#15726) (6f2384d)
  • stepfunctions-tasks: Stage field not included in CallApiGatewayHttpApiEndpoint task definition (#15755) (4f38fe1), closes #14242

2.0.0-rc.16 (2021-08-04)

2.0.0-rc.15 (2021-07-28)

Features

Bug Fixes

  • iam: PrincipalWithConditions.addCondition does not work (#15414) (fdce08c)

2.0.0-rc.14 (2021-07-21)

2.0.0-rc.13 (2021-07-20)

2.0.0-rc.12 (2021-07-14)

⚠ BREAKING CHANGES TO EXPERIMENTAL FEATURES

  • appmesh: static methods from TlsCertificate have been changed to accept positional arguments
  • appmesh: the type TlsListener has been renamed to ListenerTlsOptions

Features

Bug Fixes

  • aws-elasticloadbalancingv2: cannot clear access logging bucket prefix (#15149) (2e93fb9), closes #14044
  • aws-iam: prevent adding duplicate resources and actions (#14712) (a8298cb), closes #13611
  • bootstrap: deploy-role could directly access buckets in target account (#15192) (d04e288), closes #12985 #14082 #13422
  • cdk-assets: content type not correctly set when publishing files (#15069) (9b1a4f9)
  • cfn-include: NestedStack's Parameters are not converted to strings (#15098) (8ad33b8), closes #15092
  • cli: cdk synth too eager with validation in Pipelines (#15147) (ae98e88), closes #14613 #15130
  • cli: cdk synth doesn't output yaml for stacks with dependency stacks (#14805) (44feee6), closes #3721
  • cli: deployment error traceback overwritten by progress bar (#14812) (d4a0af1), closes #14780
  • cli: HTTP timeout is too low for some asset uploads (#13575) (23c58d6), closes #13183
  • cli: option --all selects stacks in nested assemblies (#15046) (0d00e50)
  • cli: partition is not being resolved at missing value lookup (#15146) (cc7191e), closes #15119
  • cli: stack glob patterns only select one stack (#15071) (fcd2a6e)
  • cloudfront: cannot set header including 'authorization' in OriginRequestPolicy (#15327) (3a2f642), closes #15286
  • codebuild: Project's Role has permissions to the entire Bucket when using S3 as the source (#15112) (9d01b4f)
  • codebuild: Secret env variable as token from another account fails on Key decryption (#14483) (91e80d7), closes #14477
  • codepipeline-actions: reduce S3SourceAction role permissions to just the key (#15304) (d2c76aa), closes #15112
  • core: 1 hour renders as 60 minutes (#15125) (adcd8c3)
  • core: CloudFormation dynamic references can't be assigned to num… (#14913) (39aacc8), closes #14824
  • core: parsing an ARN with a slash after a colon in the resource part fails (#15166) (16b8a4e), closes /github.com/aws/aws-cdk/pull/15140/files#r653112073
  • ecs: TagParameterContainerImage cannot be used across accounts (#15073) (486f2e5), closes #15070
  • eks: kubectl version 1.21.0 breaks object pruning (#15314) (623689d), closes #15072
  • eks: kubectl version 1.21.0 breaks object pruning (#15314) (74da5c1), closes #15072
  • elasticsearch: Domain.fromDomainAttributes gives "Invalid URL" when endpoint is a token (#15219) (ecb5af8), closes #15188
  • lambda: deployment failure when layers are added to container functions (#15037) (8127cf2), closes #14143
  • lambda-event-sources: kafka event source expects credentials even when accessed via vpc (#14804) (5eb1e75)
  • lambda-nodejs: unstable asset hashes with bundling.nodeModules (#15229) (4b5418c), closes #15023
  • secretsmanager: support secrets rotation in partition 'aws-cn' (#14608) (5061a8d), closes #13385
  • stepfunctions-tasks: checking for task token in EcsRunTask containerOverrides causes memory explosion (#15187) (af53798), closes #15124
  • stepfunctions-tasks: EcsRunTask containerOverrides throws if container name doesn't match construct ID (#15190) (5f59787), closes #15171
  • stepfunctions-tasks: instance type for SageMakerCreateTrainingJob cannot be specified dynamically through JSONPath (#15215) (9280d95), closes #11928

2.0.0-rc.11 (2021-07-07)

2.0.0-rc.10 (2021-06-30)

2.0.0-rc.9 (2021-06-23)

2.0.0-rc.8 (2021-06-16)

Features

  • ecs-patterns: Add Load Balancer name to ApplicationLoadBalancedFargateService props (#14831) (c432fb4)
  • ecs-patterns: Add support for Docker labels to ECS Patterns (#14783) (00c11b5)

Bug Fixes

  • ecs: Can't enable both Fargate and ASG capacity providers on ECS Cluster (#15012) (6b2d0e0), closes #14730

2.0.0-rc.7 (2021-06-09)

⚠ BREAKING CHANGES TO EXPERIMENTAL FEATURES

  • cfnspec: imageScanningConfiguration property of ecr.CfnRepository now accepts scanOnPush instead of ScanOnPush (notice the casing change).
  • appmesh: the creation property clientPolicy in VirtualGateway has been renamed to tlsClientPolicy, and its type changed to TlsClientPolicy
  • appmesh: to create TlsClientPolicy, validation property must be defined.

Features

Bug Fixes

2.0.0-rc.6 (2021-06-02)

2.0.0-rc.5 (2021-05-28)

⚠ BREAKING CHANGES TO EXPERIMENTAL FEATURES

  • appmesh: the creation property tlsCertificate in VirtualGatewayListener has been renamed to tls, and its type changed to TlsListener
  • appmesh: the tlsMode property has been removed from the options when creating a TlsCertificate, moved to the new TlsListener interface, and renamed mode
  • lambda-nodejs: using banner and footer now requires esbuild >= 0.9.0

Features

Bug Fixes

  • cli: Updated typo user to uses (#14357) (7fe329c)
  • cognito: user pool - phoneNumberVerified attribute fails deployment (#14699) (cd2589f), closes #14175
  • core: cannot determine packaging when bundling that produces an archive is skipped (#14372) (163e812), closes #14369
  • ecr: add validations for ECR repository names (#12613) (396dca9), closes #9877
  • ecs: Classes FargateService and Ec2Service have no defaultChild (#14691) (348e11e), closes #14665
  • events-targets: circular dependency when adding a KMS-encrypted SQS queue (#14638) (3063818), closes #11158
  • iam: permissions boundaries not added to custom resource roles (#14754) (f36feb5), closes #13310
  • lambda: changing reserved concurrency fails lambda version deployment (#14586) (f47d5cb), closes #11537
  • lambda: unable to access SingletonFunction vpc connections (#14533) (49d18ab), closes #6261
  • lambda-nodejs: banner and footer values not escaped (#14743) (81aa612), closes #13576
  • lambda-nodejs: esbuild detection with Yarn 2 in PnP mode (#14739) (5c84696)
  • rds: Add exception throw when az is defined for multi-az db instance (#14837) (fd8445f), closes #10949 #10949

2.0.0-rc.4 (2021-05-19)

⚠ BREAKING CHANGES TO EXPERIMENTAL FEATURES

fixes aws#11640

Features

Bug Fixes

  • cli: synth fails if there was an error when synthesizing the stack (#14613) (71c61e8)
  • lambda: custom resource fails to connect to efs filesystem (#14431) (10a633c)
  • lambda-event-sources: incorrect documented defaults for stream types (#14562) (0ea24e9), closes #13908
  • lambda-nodejs: handler filename missing from error message (#14564) (256fd4c)

2.0.0-rc.3 (2021-05-12)

⚠ BREAKING CHANGES TO EXPERIMENTAL FEATURES

IApi interface. The existing ones are moved into IHttpApi and new ones will be added to IWebsocketApi. the IStage interface. The existing ones are moved into IHttpStage and new ones will be added to the IWebsocketStage.

  • lambda-nodejs: the default runtime version for NodejsFunction is now always NODEJS_14_X (previously the version was derived from the local NodeJS runtime and could be either 12.x or 14.x).

Features

Bug Fixes

  • aws-cloudwatch: fix for space in alarm name in alarms for compos… (#13963) (7cdd541)
  • cfn-include: correctly parse Fn::Sub expressions containing serialized JSON (#14512) (fd6d6d0), closes #14095
  • assert matches more than the template on multiple CDK copies (#14544) (f8abdbf), closes #14468
  • cli: 'cdk deploy *' should not deploy stacks in nested assemblies (#14542) (93a3549)
  • cli: 'cdk synth' not able to fail if stacks have errors (#14475) (963d1c7)
  • CodeBuild: add resource only once per secret (#14510) (affaaad)
  • lambda-nodejs: non-deterministic runtime version (#14538) (527f662), closes #13893
  • rds: instance identifiers and endpoints of a Cluster are blank (#14394) (9597d97), closes #14377
  • s3: urlForObject does not consider explicit bucket region (#14315) (e11d537)
  • ssm: dynamic SSM parameter reference breaks with lists (#14527) (3d1baac), closes #14205 #14476

2.0.0-rc.2 (2021-05-11)

⚠ BREAKING CHANGES TO EXPERIMENTAL FEATURES

IApi interface. The existing ones are moved into IHttpApi and new ones will be added to IWebsocketApi. the IStage interface. The existing ones are moved into IHttpStage and new ones will be added to the IWebsocketStage.

  • lambda-nodejs: the default runtime version for NodejsFunction is now always NODEJS_14_X (previously the version was derived from the local NodeJS runtime and could be either 12.x or 14.x).

Features

Bug Fixes

  • aws-cloudwatch: fix for space in alarm name in alarms for compos… (#13963) (7cdd541)
  • cfn-include: correctly parse Fn::Sub expressions containing serialized JSON (#14512) (fd6d6d0), closes #14095
  • assert matches more than the template on multiple CDK copies (#14544) (f8abdbf), closes #14468
  • cli: 'cdk deploy *' should not deploy stacks in nested assemblies (#14542) (93a3549)
  • cli: 'cdk synth' not able to fail if stacks have errors (#14475) (963d1c7)
  • CodeBuild: add resource only once per secret (#14510) (affaaad)
  • lambda-nodejs: non-deterministic runtime version (#14538) (527f662), closes #13893
  • rds: instance identifiers and endpoints of a Cluster are blank (#14394) (9597d97), closes #14377
  • s3: urlForObject does not consider explicit bucket region (#14315) (e11d537)
  • ssm: dynamic SSM parameter reference breaks with lists (#14527) (3d1baac), closes #14205 #14476

2.0.0-rc.1 (2021-04-28)

2.0.0-alpha.14 (2021-04-28)

⚠ BREAKING CHANGES TO EXPERIMENTAL FEATURES

  • neptune: InstanceType changed from enum to enum-like static factory.

Features

Bug Fixes

  • aws-ecs-patterns, aws-elasticloadbalancingv2: Pass TargetGroup P… (#14092) (a655819), closes #14091
  • codebuild: Secret env variable from another account fails on Key decryption (#14226) (8214338), closes #14043
  • codepipeline-actions: CodeCommit source action fails when it's cross-account (#14260) (1508e60), closes #12391 #14156
  • ec2: r5ad instance-type has incorrect value (#14179) (c80e1cf)
  • iam: unable to configure name of SAML Provider (#14296) (904202a), closes #14294
  • pipelines: Use LinuxBuildImage.STANDARD_5_0 for Assets and UpdatePipeline stages (#14338) (f93d940)

2.0.0-alpha.13 (2021-04-21)

2.0.0-alpha.12 (2021-04-21)

⚠ BREAKING CHANGES TO EXPERIMENTAL FEATURES

  • appmesh: HTTP2 VirtualNodeListeners must be now created with Http2VirtualNodeListenerOptions
  • appmesh: HTTP2 VirtualGatewayListeners must be now created with Http2VirtualGatewayListenerOptions

Features

Bug Fixes

  • codepipeline: detect the account of the Action from its backing resource's account, not its Stack's account (#14224) (d88e915), closes #14165
  • pipelines: incorrect BuildSpec in synth step if synthesized with --output (#14211) (0f5c74f), closes #13303

2.0.0-alpha.11 (2021-04-19)

⚠ BREAKING CHANGES TO EXPERIMENTAL FEATURES

  • codepipeline-actions: the Action ServiceCatalogDeployAction has been renamed to ServiceCatalogDeployActionBeta1
  • codepipeline-actions: the type ServiceCatalogDeployActionProps has been renamed to ServiceCatalogDeployActionBeta1Props

Features

  • certificatemanager: allow tagging DnsValidatedCertificate (#13990) (8360feb), closes #12382 #12382
  • codebuild: allow setting concurrent build limit (#14185) (3107d03)
  • codepipeline: introduce the Action abstract class (#14009) (4b6a6cc)
  • ecs: add support for elastic inference accelerators in ECS task defintions (#13950) (23986d7), closes #12460
  • eks: Pass bootstrap.sh args to avoid DescribeCluster call and make nodes join the cluster faster (#12659) (f5616cc)
  • elasticloadbalancing: rename 'sslCertificateId' property of LB listener to 'sslCertificateArn'; deprecate sslCertificateId property (#13766) (1a30272), closes #9303 #9303

Bug Fixes

  • aws-cloudfront: distribution comment length not validated (#14020) (#14094) (54fddc6)

  • aws-ecs-patterns: fixes #11123 allow for https listeners to use non Route 53 DNS if a certificate is provided (#14004) (e6c85e4)

  • cfn-include: allow deploy-time values in Parameter substitutions in Fn::Sub expressions (#14068) (111d26a), closes #14047

  • core: toJsonString() does not deal correctly with list tokens (#14138) (1a6d39f), closes #14088

  • fsx: Weekday.SUNDAY incorrectly evaluates to 0 (should be 7) (#14081) (708f23e), closes #14080

  • rds: allow Instances to be referenced across environments (#13865) (74c7fff), closes #13832

  • codepipeline-actions: change the name of the ServiceCatalogDeployAction (#13780) (a99e901)

2.0.0-alpha.10 (2021-03-31)

⚠ BREAKING CHANGES TO EXPERIMENTAL FEATURES

  • core: The type of the image property in BundlingOptions is changed from BundlingDockerImage to DockerImage.
  • core: The return type of the DockerImage.fromBuild() API is changed from BundlingDockerImage to DockerImage.
  • lambda-nodejs: The type of image property in the Bundling class is changed from BundlingDockerImage to DockerImage.
  • lambda-nodejs: The type of dockerImage property in BundlingOptions is changed from BundlingDockerImage to DockerImage.
  • apigatewayv2: The type of allowMethods property under corsPreflight section is changed from HttpMethod to CorsHttpMethod.
  • lambda-nodejs: the default runtime of a NodejsFunction is now Node.js 14.x if the environment from which it is deployed uses Node.js >= 14 and Node.js 12.x otherwise.
  • appmesh: Backend, backend default and Virtual Service client policies structures are being altered
  • appmesh: you must use the backend default interface to define backend defaults in VirtualGateway. The property name also changed from backendsDefaultClientPolicy to backendDefaults
  • appmesh: you must use the backend default interface to define backend defaults in VirtualNode, (the property name also changed from backendsDefaultClientPolicy to backendDefaults), and the Backend class to define a backend
  • appmesh: you can no longer attach a client policy to a VirtualService
  • apigatewayv2: HttpApiMapping (and related interfaces for Attributed and Props) has been renamed to ApiMapping
  • apigatewayv2: CommonStageOptions has been renamed to StageOptions
  • apigatewayv2: HttpStage.fromStageName has been removed in favour of HttpStage.fromHttpStageAttributes
  • apigatewayv2: DefaultDomainMappingOptions has been removed in favour of DomainMappingOptions
  • apigatewayv2: HttpApiProps.defaultDomainMapping has been changed from DefaultDomainMappingOptions to DomainMappingOptions
  • apigatewayv2: HttpApi.defaultStage has been changed from HttpStage to IStage
  • apigatewayv2: IHttpApi.defaultStage has been removed

Features

Bug Fixes

  • apigatewayv2: error while configuring ANY as an allowed method in CORS (#13313) (34bb338), closes #13280 #13643

  • appmesh: Move Client Policy from Virtual Service to backend structure (#12943) (d3f4284), closes #11996

  • autoscaling: AutoScaling on percentile metrics doesn't work (#13366) (46114bb), closes #13144

  • aws-ecs: drain hook lambda allows tasks to stop gracefully (#13559) (3e1148e), closes #13506

  • cfn-include: allow boolean values for string-typed properties (#13508) (e5dab7c)

  • cfn-include: allow dynamic mappings to be used in Fn::FindInMap (#13428) (623675d)

  • cloudfront: cannot add two EdgeFunctions with same aliases (#13324) (1f35351), closes #13237

  • cloudwatch: cannot create Alarms from labeled metrics that start with a digit (#13560) (278029f), closes #13434

  • cloudwatch: MathExpression period of <5 minutes is not respected (#13078) (d9ee914), closes #9156

  • cloudwatch: metric label not rendered into Alarms (#13070) (cbcc712)

  • codebuild: allow FILE_PATH webhook filter for BitBucket (#13186) (cbed348), closes #13175

  • codebuild: allow passing the ARN of the Secret in environment variables (#13706) (6f6e079), closes #12703

  • codebuild: Fixed build spec file format to return yaml (#13445) (fab93c6)

  • codebuild: module fails to load with error "Cannot use import statement outside a module" (b1ffd33), closes #13699 #13699

  • codedeploy: script installing CodeDeploy agent fails (#13758) (25e8d04), closes #13755

  • codedeploy: Use aws-cli instead of awscli for yum (#13655) (449ce12)

  • codepipeline-actions: BitBucketAction fails with S3 "Access denied" error (#13637) (77ce45d), closes #13557

  • cognito: imported userpool not retaining environment from arn (#13715) (aa9fd9c), closes #13691

  • core: toJsonString() cannot handle list intrinsics (#13544) (a5be042), closes #13465

  • core: custom resource provider NODEJS_12 now looks like Lambda's NODEJS_12_X, add Node 14 (#13301) (3413b2f)

  • dynamodb: replicas not created on table replacement (#13300) (c7c424f), closes #12332

  • ec2: fix typo's in WindowsImage constants (#13446) (781aa97)

  • ec2: NAT provider's default outbound rules cannot be disabled (#12674) (664133a), closes #12673

  • ec2: readme grammar (#13180) (fe4f056)

  • ec2: Security Groups support all protocols (#13593) (8c6b3eb), closes #13403

  • ec2: Throw error on empty InitFile content (#13009) (#13119) (81a78a3)

  • ecr: Allow referencing an EcrImage by digest instead of tag (#13299) (266a621), closes #5082

  • ecr: Generate valid CloudFormation for imageScanOnPush (#13420) (278fba5), closes #13418

  • ecs: services essential container exceptions thrown too soon (#13240) (c174f6c), closes #13239

  • elasticloadbalancingv2: should allow more than 2 certificates (#13332) (d3155e9), closes #13150

  • elasticloadbalancingv2: upgrade to v1.92.0 drops certificates on ALB if more than 2 certificates exist (#13490) (01b94f8), closes #13332 #13437

  • events: cannot trigger multiple Lambdas from the same Rule (#13260) (c8c1762), closes #13231

  • init: Python init template's stack ID doesn't match other languages (#13480) (3f1c02d)

  • use NodeJS 14 for all packaged custom resources (#13488) (20a2820), closes #13534 #13484

  • events: imported ECS Task Definition cannot be used as target (#13293) (6f7cebd), closes #12811

  • events: imported EventBus does not correctly register source account (#13481) (57e5404), closes #13469

  • events,applicationautoscaling: specifying a schedule rate in seconds results in an error (#13689) (5d62331), closes #13566

  • iam: oidc-provider can't pull from hosts requiring SNI (#13397) (90dbfb5)

  • iam: policy statement tries to validate tokens (#13493) (8d592ea), closes #13479

  • lambda: fromDockerBuild output is located under /asset (#13539) (77449f6), closes #13439

  • lambda: incorrect values for prop UntrustedArtifactOnDeployment (#13667) (0757686), closes #13586

  • lambda-nodejs: paths with spaces break esbuild (#13312) (f983fbb), closes #13311

  • neptune: create correct IAM statement in grantConnect() (#13641) (2e7f046), closes #13640

  • python: change Python namespace to aws_cdk (#13489) (2ff5ca1)

  • rds: fail with a descriptive error if Cluster's instance count is a deploy-time value (#13765) (dd22e8f), closes #13558

  • region-info: ap-northeast-3 data not correctly registered (#13564) (64da84b), closes #13561

  • s3: Notifications fail to deploy due to incompatible node runtime (#13624) (26bc3d4)

  • s3: Notifications fail to deploy due to incompatible node runtime (#13624) (aa32cf6)

  • stepfunctions: SageMakeUpdateEndpoint adds insufficient permissions (#13170) (6126e49), closes #11594

  • stepfunctions: no validation on state machine name (#13387) (6c3d407), closes #13289

  • core: remove all references to BundlingDockerImage in the public API (#13814) (9cceb3f)

  • lambda-nodejs: prepare code to reduce merge conflicts when deprecated APIs are stripped (#13738) (ca391b5)

  • lambda-nodejs: update default runtime (#13664) (ca42461)

2.0.0-alpha.9 (2021-03-24)

⚠ BREAKING CHANGES TO EXPERIMENTAL FEATURES

  • lambda-nodejs: the default runtime of a NodejsFunction is now Node.js 14.x if the environment from which it is deployed uses Node.js >= 14 and Node.js 12.x otherwise.
  • appmesh: Backend, backend default and Virtual Service client policies structures are being altered
  • appmesh: you must use the backend default interface to define backend defaults in VirtualGateway. The property name also changed from backendsDefaultClientPolicy to backendDefaults
  • appmesh: you must use the backend default interface to define backend defaults in VirtualNode, (the property name also changed from backendsDefaultClientPolicy to backendDefaults), and the Backend class to define a backend
  • appmesh: you can no longer attach a client policy to a VirtualService
  • apigatewayv2: HttpApiMapping (and related interfaces for Attributed and Props) has been renamed to ApiMapping
  • apigatewayv2: CommonStageOptions has been renamed to StageOptions
  • apigatewayv2: HttpStage.fromStageName has been removed in favour of HttpStage.fromHttpStageAttributes
  • apigatewayv2: DefaultDomainMappingOptions has been removed in favour of DomainMappingOptions
  • apigatewayv2: HttpApiProps.defaultDomainMapping has been changed from DefaultDomainMappingOptions to DomainMappingOptions
  • apigatewayv2: HttpApi.defaultStage has been changed from HttpStage to IStage
  • apigatewayv2: IHttpApi.defaultStage has been removed

Features

Bug Fixes

  • appmesh: Move Client Policy from Virtual Service to backend structure (#12943) (d3f4284), closes #11996

  • autoscaling: AutoScaling on percentile metrics doesn't work (#13366) (46114bb), closes #13144

  • aws-ecs: drain hook lambda allows tasks to stop gracefully (#13559) (3e1148e), closes #13506

  • cfn-include: allow boolean values for string-typed properties (#13508) (e5dab7c)

  • cfn-include: allow dynamic mappings to be used in Fn::FindInMap (#13428) (623675d)

  • cloudfront: cannot add two EdgeFunctions with same aliases (#13324) (1f35351), closes #13237

  • cloudwatch: cannot create Alarms from labeled metrics that start with a digit (#13560) (278029f), closes #13434

  • cloudwatch: MathExpression period of <5 minutes is not respected (#13078) (d9ee914), closes #9156

  • cloudwatch: metric label not rendered into Alarms (#13070) (cbcc712)

  • codebuild: allow FILE_PATH webhook filter for BitBucket (#13186) (cbed348), closes #13175

  • codedeploy: Use aws-cli instead of awscli for yum (#13655) (449ce12)

  • core: toJsonString() cannot handle list intrinsics (#13544) (a5be042), closes #13465

  • core: custom resource provider NODEJS_12 now looks like Lambda's NODEJS_12_X, add Node 14 (#13301) (3413b2f)

  • dynamodb: replicas not created on table replacement (#13300) (c7c424f), closes #12332

  • ec2: fix typo's in WindowsImage constants (#13446) (781aa97)

  • ec2: NAT provider's default outbound rules cannot be disabled (#12674) (664133a), closes #12673

  • ec2: readme grammar (#13180) (fe4f056)

  • ec2: Security Groups support all protocols (#13593) (8c6b3eb), closes #13403

  • ec2: Throw error on empty InitFile content (#13009) (#13119) (81a78a3)

  • ecr: Allow referencing an EcrImage by digest instead of tag (#13299) (266a621), closes #5082

  • ecr: Generate valid CloudFormation for imageScanOnPush (#13420) (278fba5), closes #13418

  • ecs: services essential container exceptions thrown too soon (#13240) (c174f6c), closes #13239

  • elasticloadbalancingv2: should allow more than 2 certificates (#13332) (d3155e9), closes #13150

  • elasticloadbalancingv2: upgrade to v1.92.0 drops certificates on ALB if more than 2 certificates exist (#13490) (01b94f8), closes #13332 #13437

  • events: cannot trigger multiple Lambdas from the same Rule (#13260) (c8c1762), closes #13231

  • events: imported ECS Task Definition cannot be used as target (#13293) (6f7cebd), closes #12811

  • events: imported EventBus does not correctly register source account (#13481) (57e5404), closes #13469

  • iam: oidc-provider can't pull from hosts requiring SNI (#13397) (90dbfb5)

  • iam: policy statement tries to validate tokens (#13493) (8d592ea), closes #13479

  • init: Python init template's stack ID doesn't match other languages (#13480) (3f1c02d)

  • lambda: fromDockerBuild output is located under /asset (#13539) (77449f6), closes #13439

  • lambda: incorrect values for prop UntrustedArtifactOnDeployment (#13667) (0757686), closes #13586

  • lambda-nodejs: paths with spaces break esbuild (#13312) (f983fbb), closes #13311

  • neptune: create correct IAM statement in grantConnect() (#13641) (2e7f046), closes #13640

  • python: change Python namespace to aws_cdk (#13489) (2ff5ca1)

  • region-info: ap-northeast-3 data not correctly registered (#13564) (64da84b), closes #13561

  • s3: Notifications fail to deploy due to incompatible node runtime (#13624) (aa32cf6)

  • s3: Notifications fail to deploy due to incompatible node runtime (#13624) (26bc3d4)

  • stepfunctions: SageMakeUpdateEndpoint adds insufficient permissions (#13170) (6126e49), closes #11594

  • stepfunctions: no validation on state machine name (#13387) (6c3d407), closes #13289

  • use NodeJS 14 for all packaged custom resources (#13488) (20a2820), closes #13534 #13484

  • lambda-nodejs: update default runtime (#13664) (ca42461)

2.0.0-alpha.8 (2021-03-17)

⚠ BREAKING CHANGES TO EXPERIMENTAL FEATURES

  • apigatewayv2: HttpApiMapping (and related interfaces for Attributed and Props) has been renamed to ApiMapping
  • apigatewayv2: CommonStageOptions has been renamed to StageOptions
  • apigatewayv2: HttpStage.fromStageName has been removed in favour of HttpStage.fromHttpStageAttributes
  • apigatewayv2: DefaultDomainMappingOptions has been removed in favour of DomainMappingOptions
  • apigatewayv2: HttpApiProps.defaultDomainMapping has been changed from DefaultDomainMappingOptions to DomainMappingOptions
  • apigatewayv2: HttpApi.defaultStage has been changed from HttpStage to IStage
  • apigatewayv2: IHttpApi.defaultStage has been removed

Features

Bug Fixes

  • cfn-include: allow boolean values for string-typed properties (#13508) (e5dab7c)
  • cfn-include: allow dynamic mappings to be used in Fn::FindInMap (#13428) (623675d)
  • cloudfront: cannot add two EdgeFunctions with same aliases (#13324) (1f35351), closes #13237
  • cloudwatch: MathExpression period of <5 minutes is not respected (#13078) (d9ee914), closes #9156
  • cloudwatch: metric label not rendered into Alarms (#13070) (cbcc712)
  • codebuild: allow FILE_PATH webhook filter for BitBucket (#13186) (cbed348), closes #13175
  • core: custom resource provider NODEJS_12 now looks like Lambda's NODEJS_12_X, add Node 14 (#13301) (3413b2f)
  • dynamodb: replicas not created on table replacement (#13300) (c7c424f), closes #12332
  • ec2: fix typo's in WindowsImage constants (#13446) (781aa97)
  • ec2: NAT provider's default outbound rules cannot be disabled (#12674) (664133a), closes #12673
  • ec2: readme grammar (#13180) (fe4f056)
  • ec2: Throw error on empty InitFile content (#13009) (#13119) (81a78a3)
  • ecr: Allow referencing an EcrImage by digest instead of tag (#13299) (266a621), closes #5082
  • ecr: Generate valid CloudFormation for imageScanOnPush (#13420) (278fba5), closes #13418
  • ecs: services essential container exceptions thrown too soon (#13240) (c174f6c), closes #13239
  • elasticloadbalancingv2: should allow more than 2 certificates (#13332) (d3155e9), closes #13150
  • elasticloadbalancingv2: upgrade to v1.92.0 drops certificates on ALB if more than 2 certificates exist (#13490) (01b94f8), closes #13332 #13437
  • events: cannot trigger multiple Lambdas from the same Rule (#13260) (c8c1762), closes #13231
  • events: imported ECS Task Definition cannot be used as target (#13293) (6f7cebd), closes #12811
  • events: imported EventBus does not correctly register source account (#13481) (57e5404), closes #13469
  • iam: oidc-provider can't pull from hosts requiring SNI (#13397) (90dbfb5)
  • init: Python init template's stack ID doesn't match other languages (#13480) (3f1c02d)
  • lambda-nodejs: paths with spaces break esbuild (#13312) (f983fbb), closes #13311
  • python: change Python namespace to aws_cdk (#13489) (90f5311)
  • stepfunctions: SageMakeUpdateEndpoint adds insufficient permissions (#13170) (6126e49), closes #11594
  • stepfunctions: no validation on state machine name (#13387) (6c3d407), closes #13289

2.0.0-alpha.7 (2021-03-10)

⚠ BREAKING CHANGES TO EXPERIMENTAL FEATURES

  • apigatewayv2: HttpApiMapping (and related interfaces for Attributed and Props) has been renamed to ApiMapping
  • apigatewayv2: CommonStageOptions has been renamed to StageOptions
  • apigatewayv2: HttpStage.fromStageName has been removed in favour of HttpStage.fromHttpStageAttributes
  • apigatewayv2: DefaultDomainMappingOptions has been removed in favour of DomainMappingOptions
  • apigatewayv2: HttpApiProps.defaultDomainMapping has been changed from DefaultDomainMappingOptions to DomainMappingOptions
  • apigatewayv2: HttpApi.defaultStage has been changed from HttpStage to IStage
  • apigatewayv2: IHttpApi.defaultStage has been removed

Features

Bug Fixes

  • cfn-include: allow dynamic mappings to be used in Fn::FindInMap (#13428) (623675d)
  • cloudfront: cannot add two EdgeFunctions with same aliases (#13324) (1f35351), closes #13237
  • cloudwatch: MathExpression period of <5 minutes is not respected (#13078) (d9ee914), closes #9156
  • cloudwatch: metric label not rendered into Alarms (#13070) (cbcc712)
  • codebuild: allow FILE_PATH webhook filter for BitBucket (#13186) (cbed348), closes #13175
  • core: custom resource provider NODEJS_12 now looks like Lambda's NODEJS_12_X, add Node 14 (#13301) (3413b2f)
  • dynamodb: replicas not created on table replacement (#13300) (c7c424f), closes #12332
  • ec2: NAT provider's default outbound rules cannot be disabled (#12674) (664133a), closes #12673
  • ec2: readme grammar (#13180) (fe4f056)
  • ec2: Throw error on empty InitFile content (#13009) (#13119) (81a78a3)
  • ecr: Allow referencing an EcrImage by digest instead of tag (#13299) (266a621), closes #5082
  • ecr: Generate valid CloudFormation for imageScanOnPush (#13420) (278fba5), closes #13418
  • ecs: services essential container exceptions thrown too soon (#13240) (c174f6c), closes #13239
  • elasticloadbalancingv2: should allow more than 2 certificates (#13332) (d3155e9), closes #13150
  • events: cannot trigger multiple Lambdas from the same Rule (#13260) (c8c1762), closes #13231
  • events: imported ECS Task Definition cannot be used as target (#13293) (6f7cebd), closes #12811
  • iam: oidc-provider can't pull from hosts requiring SNI (#13397) (90dbfb5)
  • lambda-nodejs: paths with spaces break esbuild (#13312) (f983fbb), closes #13311
  • python: change Python namespace to aws_cdk (#13489) (90f5311)
  • stepfunctions: SageMakeUpdateEndpoint adds insufficient permissions (#13170) (6126e49), closes #11594

2.0.0-alpha.6 (2021-03-03)

⚠ BREAKING CHANGES TO EXPERIMENTAL FEATURES

  • ecs-patterns: ** the desiredCount property stored on the above constructs will be optional, allowing them to be undefined. This is enabled through the @aws-cdk/aws-ecs-patterns:removeDefaultDesiredCount feature flag. We would recommend all aws-cdk users to set the REMOVE_DEFAULT_DESIRED_COUNT flag to true for all of their existing applications.

Fixes: aws#12990

  • aws-appsync: RdsDataSource now takes a ServerlessCluster instead of a DatabaseCluster

Features

Bug Fixes

2.0.0-alpha.5 (2021-02-17)

Features

Bug Fixes

2.0.0-alpha.4 (2021-02-10)

⚠ BREAKING CHANGES TO EXPERIMENTAL FEATURES

  • appmesh: the properties virtualRouter and virtualNode of VirtualServiceProps have been replaced with the union-like class VirtualServiceProvider
  • appmesh: the method addVirtualService has been removed from IMesh
  • cloudfront: experimental EdgeFunction stack names have changed from 'edge-lambda-stack-${region}' to 'edge-lambda-stack-${stackid}' to support multiple independent CloudFront distributions with EdgeFunctions.

Features

Bug Fixes

  • apigateway: stack update fails to replace api key (38cbe62), closes #12698
  • apigateway: stack update fails to replace api key (#12745) (ffe7e42), closes #12698
  • cfn-include: AWS::CloudFormation resources fail in monocdk (#12758) (5060782), closes #11595
  • cli, codepipeline: renamed bootstrap stack still not supported (#12771) (40b32bb), closes #12594 #12732
  • cloudfront: use node addr for edgeStackId name (#12702) (c429bb7), closes #12323
  • codedeploy: wrong syntax on Windows 'installAgent' flag (#12736) (238742e), closes #12734
  • codepipeline: permission denied for Action-level environment variables (#12761) (99fd074), closes #12742
  • core: append file extension to s3 asset key in new style synthesizer (#12765) (77b9d39), closes #12740
  • core: incorrect GetParameter permissions in nonstandard partitions (#12813) (be7202f)
  • ec2: ARM-backed bastion hosts try to run x86-based Amazon Linux AMI (#12280) (1a73d76), closes #12279
  • efs: EFS fails to create when using a VPC with multiple subnets per availability zone (#12097) (889d673), closes #10170
  • iam: cannot use the same Role for multiple Config Rules (#12724) (2f6521a), closes #12714
  • lambda: codeguru profiler not set up for Node runtime (#12712) (59db763), closes #12624

2.0.0-alpha.3 (2021-02-03)

Features

  • aws-codebuild: add enableBatchBuilds() to Project (#12531) (0568390)
  • batch: Compute Resources placement group (#12203) (fe37174)

2.0.0-alpha.2 (2021-01-27)

⚠ BREAKING CHANGES TO EXPERIMENTAL FEATURES

  • s3-deployment: User metadata keys of bucket objects will change from x-amz-meta-x-amz-meta-x-amzn-meta-mykey to x-amz-meta-mykey.
  • core: users of modern synthesis (DefaultSynthesizer, used by CDK Pipelines) must upgrade their bootstrap stacks. Run cdk bootstrap.

Features

Bug Fixes

2.0.0-alpha.1 (2021-01-21)

⚠ BREAKING CHANGES TO EXPERIMENTAL FEATURES

  • apigatewayv2: subnets prop in VpcLink resource now takes SubnetSelection instead of ISubnet[]
  • eks: Existing self managed nodes may loose the ability to host additional services of type LoadBalancer . See aws#12269 (comment) for possible mitigations.
  • eks: the @aws-cdk/eks.KubectlLayer layer class has been moved to @aws-cdk/lambda-layer-kubectl.KubectlLayer.
  • eks: LegacyCluster was removed since it existed only for a transition period to allow gradual migration to the current cluster class.
  • eks: kubectlEnabled property was removed, all clusters now support kubectl.
  • core: Creation stack traces for Lazy values are no longer captured by default in order to speed up tests. Run with CDK_DEBUG=true (or cdk --debug) to capture stack traces.
  • apigatewayv2: HttpApi.fromApiId() has been replaced with HttpApi.fromHttpApiAttributes().
  • elasticsearch: ES Domain LogGroup LogicalId will change, which will trigger new log group resources to be created
  • cloudfront-origins: Default minimum origin SSL protocol for HttpOrigin and LoadBalancerOrigin changed from SSLv3 to TLSv1.2.

Features

Bug Fixes

2.0.0-alpha.0 (2020-12-11)

This is the first alpha release of CDK 2.0. 🎉