chore(release): 2.95.0 #27053

aws-cdk-automation · 2023-09-07T19:48:00Z

See [CHANGELOG](https://github.com/aws/aws-cdk/blob/merge-back/2.94.0/CHANGELOG.md)

AWS Service Spec packages to latest versions.

I found some grammatical errors while debugging an issue. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

) When a DeliveryStream is created without `sourceStream` or `encryptionKey`, an extra role is being created that is unused. This PR removes creation of that role. I also learned that the role created for `encryptionKey` is used "indirectly" for a grant put on the KMS key...interesting. Closes #26927. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

The upcoming v6 of the [VSCode jest plugin](https://github.com/jest-community/vscode-jest#virtualfolders) allows us to configure our monorepo packages as virtual folders. This makes the built-in Test Explorer work out of the box. <img width="466" alt="image" src="https://github.com/aws/aws-cdk/assets/379814/b98b3736-4713-49d7-bec6-816f14816e73"> Using the workspace is entirely optional. It can also serve as an example configurations. But it does give a space to add recommended/opinionated VSCode settings without compromising contributor's ability to change `.vscode/settings.json`. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

…16 (#26980) Updates the `CrossAccountZoneDelegationRecord` construct to use sdk v3 / node 18. This is identical to changes in #26212, except for hardcoding a region into the `assumeRole` sdk call. This may not be the ideal solution, but should not break specific configurations. That specific configuration, as #26593 pointed out, was that the original update was a breaking change if the construct was deployed into an opt-in region, and the parent zone did not have that opt-in region enabled. This PR removes the semi-hidden `@aws-cdk/aws-route53:useRegionalStsEndpoint` feature flag, as it was based on a confusion on why things used to work. We now pick the correct endpoint manually. Closes #26976. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

Fixes to remove an incorrectly generated warning when using Node JS runtime <= 16 with `NodejsFunction` Closes #26966 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

…#26951) Checks off some items from #26936 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

) We use a custom resource to set the log retention for log groups created by the Lambda service. This custom resource handler code has a built-in retry mechanism to avoid throttling when executing many LogRetention CRs. Users can customize the number of possible retries, potentially retrying for a long time. This can cause the situation that further retries should be attempted, but the Lambda Function timeout is exceeded. The change sets the lambda execution timeout to its maximum value to allow for up to 15 minutes of retries. If the retry budget is exhausted, the handler will throw an error and exit early. Closes #24485 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

`apiVersion` no longer is recognized by sdk v3. source: aws/aws-sdk-js-v3#1869 We use it in two custom resources. I confirmed that each `apiVersion` represented the latest version of sdk v2 and was almost certainly hardcoded because it was the recommended practice: https://docs.aws.amazon.com/sdk-for-javascript/v2/developer-guide/locking-api-versions.html Both integ tests succeed deployment. I can confirm that `aws-route53/delete-existing-record-set-handler` works as intended but the integ test for `pipelines/approve-lambda` could never have worked and needs to be rewritten. That should happen in a different PR. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

…t failure (#27000) The payload response of a Lambda used to be a `string`, and could occasionally be `""`, which we detected and special-case parsed to an empty object. The Payload should never be empty, and will only be that under exceptional circumstances which we haven't been able to pin down yet, but we shouldn't fail in any case. In SDKv3, the payload response of a Lambda changed to type `Uint8Array`, but a `Uint8Array(0)` doesn't check as *falsey*, so we'd decode it to `""` and then the `JSON.parse()` of that would fail. First decode, then check the string for emptyness. Fixes #26429.

AWS SDK v3 has changed some data types to Uint8Array. If a value of this type was provided by the user, it would not be decoded properly back to a Uint8Array before making the call. Recognize when there is an encoded Uint8Array and decode it back properly. Closes #26798. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

This PR fixes only minor typo (`@defult`) in AuthenticationConfiguration. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

Migrate the `aws-api-handler` code to use SDKv3 and move it into `custom-resource-handlers`. Updates the Construct config to use the new code and Node18. To verify functionality, the existing integration test has been extended to include a new rule and target that can be asserted on. Includes a config change to the `custom-resource-handlers` package to run test from TS. Closes #26998 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

…27011) To lower the effort for our next hunt-and-peck Node upgrade, replace all runtimes in unit tests with symbolic Node versions. * Most of the time, use `NODEJS_LATEST` * Replace expectations of a rendered runtime `"nodejs16.x" -> Runtime.NODEJS_LATEST.name` * For tests where the hash matters, use a hardcoded fake runtime of `"node99.x"`. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

Ran npm-check-updates and yarn upgrade to keep the `yarn.lock` file up-to-date.

Add Verified Permissions VPC Endpoint to `InterfaceVpcEndpointAwsService` so we can create one by using class property. see: https://docs.aws.amazon.com/verifiedpermissions/latest/userguide/vpc-interface-endpoints.html ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

… control over replicas (#27023) This PR is for the implementation of the `TableV2` construct which provides support for the `GlobalTable` resource. Please reference the following RFC: [aws/aws-cdk-rfcs@master/text/0510-dynamodb-global-table.md](https://github.com/aws/aws-cdk-rfcs/blob/master/text/0510-dynamodb-global-table.md?rgh-link-date=2023-07-28T17%3A49%3A45Z) Closes #16118 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

…#26925) The CLI always looks up the default bootstrap stack, for backwards compatibility reasons: in case the attributes introduced by the V2 `DefaultStackSynthesizer` that tell it what SSM parameter to use and what bucket to write assets to are not present, it needs to fall back to the default bootstrap stack found in CloudFormation. The code happily survives a `StackNotFound` error, but is not prepared to deal with an `AccessDenied` error, that a customer in #26588 had configured their AWS account for. The essence of the fix here is to catch all errors when looking up the toolkit stack, because they only become relevant if any of the properties of the toolkit stack are ever accessed. The customer also made the point that the lookup didn't even need to happen in the first place, because all information was already there. This is fair, and the organization of the code in this area has been a thorn in my side for a while now. There is some code that doesn't need to be on `ToolkitInfo` (which is the ancient name for the Bootstrap Stack), but is there for legacy reasons. This PR introduces a refactor, where we introduce a new class `EnvironmentResources`, that manages interacting with the bootstrap resources in a particular environment. We can now pass `EnvironmentResources` everywhere we used to pass `ToolkitInfo`, and the actual lookup of the Bootstrap Stack is only triggered if the need arises (which hopefully should be never). Closes #26588. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

Add a script that will automatically extract the blob parameter type data from the AWS SDKv3. `scripts/update-sdkv3-blobs-model.sh` will download the files and drive `scripts/update-sdkv3-blobs-model.ts`, which does the actual collection. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

…ay (#27034) In #27002 we have migrated the AwsApi Construct to SDKv3. However some SDKv3 Commands expect a `Uint8Array` in places where SDKv2 previously would accept a `string`. This is a problem because handler input is passed directly into the SDK calls and the input can only contain JSON data types. To solves this, we keep a list of SDK actions and parameters that should be coerced to `Uint8Array`. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

…itter (#27051) The Fail state supports JsonPath values in the `ErrorPath` and `CausePath` field to filter the state input and serve as the state error and cause. The Retry block supports exponential backoff with Jitter and capped interval retry growth with MaxDelay. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

aws-cdk-automation · 2023-09-07T20:12:16Z

AWS CodeBuild CI Report

CodeBuild project: AutoBuildv2Project1C6BFA3F-wQm2hXv2jqQv
Commit ID: 0c9c32c
Result: SUCCEEDED
Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

mergify · 2023-09-07T20:12:40Z

Thank you for contributing! Your pull request will be automatically updated and merged without squashing (do not update manually, and be sure to allow changes to be pushed to your fork).

mergify bot and others added 24 commits September 1, 2023 19:41

chore(merge-back): 2.94.0 (#26981)

408f1f6

See [CHANGELOG](https://github.com/aws/aws-cdk/blob/merge-back/2.94.0/CHANGELOG.md)

feat: update AWS Service Spec (#26999)

a0458b7

AWS Service Spec packages to latest versions.

docs(ssm): fix grammatical errors for StringParameter (#27004)

e628e6e

I found some grammatical errors while debugging an issue. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

chore(region-info): Add missing information for all supported regions (…

1604cf4

…#26951) Checks off some items from #26936 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

docs(apprunner): fix typo in AuthenticationConfiguration (#27027)

0318676

This PR fixes only minor typo (`@defult`) in AuthenticationConfiguration. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

chore: npm-check-updates && yarn upgrade (#27032)

05f3d95

Ran npm-check-updates and yarn upgrade to keep the `yarn.lock` file up-to-date.

chore(release): 2.95.0

0c9c32c

aws-cdk-automation added auto-approve pr/no-squash This PR should be merged instead of squash-merging it labels Sep 7, 2023

github-actions bot added the p2 label Sep 7, 2023

aws-cdk-automation requested a review from a team September 7, 2023 19:48

github-actions bot approved these changes Sep 7, 2023

View reviewed changes

aws-cdk-automation had a problem deploying to test-pipeline September 7, 2023 19:49 — with GitHub Actions Failure

MrArnoldPalmer approved these changes Sep 7, 2023

View reviewed changes

mergify bot merged commit cfa7e88 into v2-release Sep 7, 2023
26 of 27 checks passed

mergify bot deleted the bump/2.95.0 branch September 7, 2023 20:12

github-actions bot mentioned this pull request Oct 1, 2023

Monthly PRs metrics report - Sep 2023 #27368

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(release): 2.95.0 #27053

chore(release): 2.95.0 #27053

aws-cdk-automation commented Sep 7, 2023 •

edited

Loading

aws-cdk-automation commented Sep 7, 2023

mergify bot commented Sep 7, 2023

chore(release): 2.95.0 #27053

chore(release): 2.95.0 #27053

Conversation

aws-cdk-automation commented Sep 7, 2023 • edited Loading

aws-cdk-automation commented Sep 7, 2023

AWS CodeBuild CI Report

mergify bot commented Sep 7, 2023

aws-cdk-automation commented Sep 7, 2023 •

edited

Loading