chore(merge-back): 2.177.0

CHANGELOG.v2.alpha.md

@@ -2,6 +2,36 @@
 
 All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
 
+
+## [2.177.0-alpha.0](https://github.com/aws/aws-cdk/compare/v2.176.0-alpha.0...v2.177.0-alpha.0) (2025-01-24)
+
+
+### ⚠ BREAKING CHANGES TO EXPERIMENTAL FEATURES
+
+* **glue-alpha:** Developers must refactor their existing Job
+instantiation method calls to choose the right job type and language,
+and use the new constants static values to define the associated Job
+configuration settings. See the RFC and/or new README for examples.
+
+### Description of how you validated changes
+
+Increased unit test coverage to > 90%, consulted with Glue service team
+on best practices and sane defaults, updated integration tests.
+
+### Features
+
+* **amplify-alpha:** throw `ValidationError` instead of untyped errors ([#33141](https://github.com/aws/aws-cdk/issues/33141)) ([a7cd9eb](https://github.com/aws/aws-cdk/commit/a7cd9ebc55f8fd70a469aea7dcf1c16919475982)), closes [#32569](https://github.com/aws/aws-cdk/issues/32569)
+
+
+### Bug Fixes
+
+* **custom-resource-handlers:** do not allow unauthorized connection for iam OIDC connection (under feature flag) ([#32921](https://github.com/aws/aws-cdk/issues/32921)) ([3e4f377](https://github.com/aws/aws-cdk/commit/3e4f3773bfa48b75bf0adc7d53d46bbec7714a9e)), closes [#32920](https://github.com/aws/aws-cdk/issues/32920)
+
+
+### Code Refactoring
+
+* **glue-alpha:**  Refactored glue-alpha L2 CDK construct RFC 0497 ([#32521](https://github.com/aws/aws-cdk/issues/32521)) ([1a18dc9](https://github.com/aws/aws-cdk/commit/1a18dc951a3946430231b685bd3584f62055127c))
+
 ## [2.176.0-alpha.0](https://github.com/aws/aws-cdk/compare/v2.175.1-alpha.0...v2.176.0-alpha.0) (2025-01-15)
 
 

CHANGELOG.v2.md

@@ -2,6 +2,49 @@
 
 All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
 
+## [2.177.0](https://github.com/aws/aws-cdk/compare/v2.176.0...v2.177.0) (2025-01-24)
+
+
+### Features
+
+* **apigatewayv2:**  throw `ValidationError` instead of untyped errors ([#33072](https://github.com/aws/aws-cdk/issues/33072)) ([8b472fc](https://github.com/aws/aws-cdk/commit/8b472fc5a68c2c83349dbfc11fa502f08d0bd5c8)), closes [#32569](https://github.com/aws/aws-cdk/issues/32569)
+* **apigatewayv2:** throw `ValidationError` instead of untyped errors ([#33082](https://github.com/aws/aws-cdk/issues/33082)) ([5377586](https://github.com/aws/aws-cdk/commit/537758607623d364529ccad78983eaa3f380762e)), closes [#32569](https://github.com/aws/aws-cdk/issues/32569)
+* **apigatewayv2-authorizers:** throw `ValidationError` instead of untyped errors ([#33076](https://github.com/aws/aws-cdk/issues/33076)) ([dd34d2e](https://github.com/aws/aws-cdk/commit/dd34d2e3286048eb5079d93b743c444c4ee1e9bf)), closes [#32569](https://github.com/aws/aws-cdk/issues/32569)
+* **bedrock:** deprecate Claude 2, 2.1, Instant ([#33058](https://github.com/aws/aws-cdk/issues/33058)) ([c0ed449](https://github.com/aws/aws-cdk/commit/c0ed4491a399cff5a098b0e4de389437c0cb55ba))
+* **cli:** add --untrust option to bootstrap ([#33091](https://github.com/aws/aws-cdk/issues/33091)) ([4713bdd](https://github.com/aws/aws-cdk/commit/4713bdd3bdd64e924c403c6c680d3205e4cef491))
+* **cli:** show all information from waiter errors ([#33035](https://github.com/aws/aws-cdk/issues/33035)) ([b512a72](https://github.com/aws/aws-cdk/commit/b512a72cd6457a4d95d7346338894a4e3ed503f3))
+* **cli:** throw typed errors ([#33005](https://github.com/aws/aws-cdk/issues/33005)) ([bf81b3c](https://github.com/aws/aws-cdk/commit/bf81b3ce17941f1f84b386f1e935150893b58315)), closes [#32548](https://github.com/aws/aws-cdk/issues/32548)
+* **cloudfront-origins:** list access level for 404 response ([#32059](https://github.com/aws/aws-cdk/issues/32059)) ([2b2443d](https://github.com/aws/aws-cdk/commit/2b2443de2f566f1595657f94195d8b61243fb800)), closes [#13983](https://github.com/aws/aws-cdk/issues/13983) [#31689](https://github.com/aws/aws-cdk/issues/31689)
+* **cognito:** managed login ([#33097](https://github.com/aws/aws-cdk/issues/33097)) ([188f52d](https://github.com/aws/aws-cdk/commit/188f52d5750274b86c5ebc6ce55ec7cdbc6fc8a7))
+* **elbv2:** throw `ValidationError` intsead of untyped errors ([#33111](https://github.com/aws/aws-cdk/issues/33111)) ([cc1988a](https://github.com/aws/aws-cdk/commit/cc1988acd3a5d8f6a348140af8ca69176b18a52c)), closes [#32569](https://github.com/aws/aws-cdk/issues/32569)
+* **lambda:** throw `ValidationError` instead of untyped errors ([#33033](https://github.com/aws/aws-cdk/issues/33033)) ([a928748](https://github.com/aws/aws-cdk/commit/a928748717baf6d7eb90724c2fd7ee980eda284b)), closes [#32569](https://github.com/aws/aws-cdk/issues/32569)
+* **rds:** throw `ValidationError` instead of untyped errors ([#33042](https://github.com/aws/aws-cdk/issues/33042)) ([0b2db62](https://github.com/aws/aws-cdk/commit/0b2db62850913a1af5b0018aff7c71fad6a7714f)), closes [#32569](https://github.com/aws/aws-cdk/issues/32569)
+* **route53:** throw `ValidationError` instead of untyped errors ([#33110](https://github.com/aws/aws-cdk/issues/33110)) ([5e0f16d](https://github.com/aws/aws-cdk/commit/5e0f16d5f5782784a7b572caa6531460bb4eed50)), closes [#32569](https://github.com/aws/aws-cdk/issues/32569)
+* **s3:** replicating objects ([#30966](https://github.com/aws/aws-cdk/issues/30966)) ([9d8a7e2](https://github.com/aws/aws-cdk/commit/9d8a7e20fbdb0fa956bf01b0f1dc6b26173dd161)), closes [#1680](https://github.com/aws/aws-cdk/issues/1680) [/docs.aws.amazon.com/ja_jp/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-replicationrulefilter.html#cfn-s3](https://github.com/aws//docs.aws.amazon.com/ja_jp/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-replicationrulefilter.html/issues/cfn-s3) [/docs.aws.amazon.com/ja_jp/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-replicationrule.html#cfn-s3](https://github.com/aws//docs.aws.amazon.com/ja_jp/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-replicationrule.html/issues/cfn-s3) [/docs.aws.amazon.com/ja_jp/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-replicationrule.html#cfn-s3](https://github.com/aws//docs.aws.amazon.com/ja_jp/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-replicationrule.html/issues/cfn-s3)
+* **s3:** throw `ValidationError` instead of untyped errors ([#33031](https://github.com/aws/aws-cdk/issues/33031)) ([61e876b](https://github.com/aws/aws-cdk/commit/61e876bd3ed65742b9b4321d0a514dfc606313f4)), closes [#32569](https://github.com/aws/aws-cdk/issues/32569)
+* **s3:** throw `ValidationError` instead of untyped errors ([#33109](https://github.com/aws/aws-cdk/issues/33109)) ([aea8f3b](https://github.com/aws/aws-cdk/commit/aea8f3b4f1bf80d5ffa390fee2986d864cd842c5)), closes [#32569](https://github.com/aws/aws-cdk/issues/32569)
+* **sns:** throw `ValidationError` instead of untyped errors ([#33045](https://github.com/aws/aws-cdk/issues/33045)) ([7452462](https://github.com/aws/aws-cdk/commit/7452462550a100f5bd2dcab6f495c9f68bf0db4a)), closes [#32569](https://github.com/aws/aws-cdk/issues/32569)
+* **sqs:** throw `ValidationError` instead of untyped errors ([#33046](https://github.com/aws/aws-cdk/issues/33046)) ([6469412](https://github.com/aws/aws-cdk/commit/64694124e37113eaeed50635e5d1fb8db9badc89)), closes [#32569](https://github.com/aws/aws-cdk/issues/32569)
+* **ssm:** throw `ValidationError` instead of untyped errors ([#33067](https://github.com/aws/aws-cdk/issues/33067)) ([6677b33](https://github.com/aws/aws-cdk/commit/6677b3373157c71b104c97ae3bbece39e44e29de)), closes [#32569](https://github.com/aws/aws-cdk/issues/32569)
+* **synthetics:** cleanup provisioned lambda and layers for canary ([#32738](https://github.com/aws/aws-cdk/issues/32738)) ([bdb4a59](https://github.com/aws/aws-cdk/commit/bdb4a594c16a2051ca157f5f06f059d7edcf457c))
+* **synthetics:** node playwright 1.0 and python selenium 4.1 runtime ([#32245](https://github.com/aws/aws-cdk/issues/32245)) ([d68020b](https://github.com/aws/aws-cdk/commit/d68020b8c1dc957a7e99aefab31de91f5a304b31)), closes [/docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Library_python_selenium.html#CloudWatch_Synthetics_runtimeversion-syn-python-selenium-4](https://github.com/aws//docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Library_python_selenium.html/issues/CloudWatch_Synthetics_runtimeversion-syn-python-selenium-4)
+* **synthetics:** throw `ValidationError` instead of untyped errors ([#33079](https://github.com/aws/aws-cdk/issues/33079)) ([e4703c1](https://github.com/aws/aws-cdk/commit/e4703c19598753a2b6f240b906d3e1da3954851f)), closes [#32569](https://github.com/aws/aws-cdk/issues/32569)
+* **VpcV2:** add BYOIP IPv6 to VPCv2 ([#32927](https://github.com/aws/aws-cdk/issues/32927)) ([93c95fc](https://github.com/aws/aws-cdk/commit/93c95fc1a4f547d309732ae7b32f65e3763c2d37))
+* update L1 CloudFormation resource definitions ([#33019](https://github.com/aws/aws-cdk/issues/33019)) ([e31924a](https://github.com/aws/aws-cdk/commit/e31924a7ec472f165382f5cca8b55b747e9c4208)), closes [/docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-parseRoute53](https://github.com/aws//docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html/issues/CloudWatch-Logs-Transformation-parseRoute53) [/docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-parseRoute53](https://github.com/aws//docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html/issues/CloudWatch-Logs-Transformation-parseRoute53)
+
+
+### Bug Fixes
+
+* **bundling:** enclosing metafile & tsconfig paths with quotes ([#32725](https://github.com/aws/aws-cdk/issues/32725)) ([5410e10](https://github.com/aws/aws-cdk/commit/5410e1016b39ef3ef45a02da151ce40c83ce9e0d))
+* **cli:** disallow import of internal cli libraries ([#33021](https://github.com/aws/aws-cdk/issues/33021)) ([e5ac918](https://github.com/aws/aws-cdk/commit/e5ac918efbb66674176c81171e0d61affddcbeab))
+* **cli:** trace output (-vv) is useless when files are uploaded ([#33104](https://github.com/aws/aws-cdk/issues/33104)) ([d95add3](https://github.com/aws/aws-cdk/commit/d95add33fc3fe355752ff56cd37381cb808890b6))
+* **cloudfront:** add validations on ResponseHeadersCorsBehavior.accessControlAllowMethods ([#32769](https://github.com/aws/aws-cdk/issues/32769)) ([4c42800](https://github.com/aws/aws-cdk/commit/4c4280050e67d5779edeb09baf3287b431839aed))
+* **cx-api:** cannot detect CloudAssembly across different libraries ([#32998](https://github.com/aws/aws-cdk/issues/32998)) ([94ba772](https://github.com/aws/aws-cdk/commit/94ba7721b5c6adeb7974152d67d7b56524687cbe)), closes [aws/aws-cdk#31041](https://github.com/aws/aws-cdk/issues/31041)
+* **rds:** does not print all failed validations for DatabaseCluster props ([#32841](https://github.com/aws/aws-cdk/issues/32841)) ([344d916](https://github.com/aws/aws-cdk/commit/344d916480f6facc437841033cd3d072ebc07010)), closes [#32840](https://github.com/aws/aws-cdk/issues/32840) [#32840](https://github.com/aws/aws-cdk/issues/32840) [/github.com/aws/aws-cdk/pull/32151/files#diff-49b4a9e1bf0b7db3ab71f4f08580da0cb2191d84605dc82a70c324bd122d5cf7R805-R828](https://github.com/aws//github.com/aws/aws-cdk/pull/32151/files/issues/diff-49b4a9e1bf0b7db3ab71f4f08580da0cb2191d84605dc82a70c324bd122d5cf7R805-R828) [/github.com/aws/aws-cdk/pull/32841/files#diff-5d08d37e744e173239879212c59fd45cb9a279349f3dfb1c66923cb015ed3a3](https://github.com/aws//github.com/aws/aws-cdk/pull/32841/files/issues/diff-5d08d37e744e173239879212c59fd45cb9a279349f3dfb1c66923cb015ed3a3) [/github.com/aws/aws-cdk/blob/3e4f3773bfa48b75bf0adc7d53d46bbec7714a9e/packages/aws-cdk-lib/aws-ec2/lib/volume.ts#L672-L743](https://github.com/aws//github.com/aws/aws-cdk/blob/3e4f3773bfa48b75bf0adc7d53d46bbec7714a9e/packages/aws-cdk-lib/aws-ec2/lib/volume.ts/issues/L672-L743) [/github.com/aws/aws-cdk/blob/3e4f3773bfa48b75bf0adc7d53d46bbec7714a9e/packages/aws-cdk-lib/aws-stepfunctions-tasks/lib/eventbridge-scheduler/create-schedule.ts#L324-L362](https://github.com/aws//github.com/aws/aws-cdk/blob/3e4f3773bfa48b75bf0adc7d53d46bbec7714a9e/packages/aws-cdk-lib/aws-stepfunctions-tasks/lib/eventbridge-scheduler/create-schedule.ts/issues/L324-L362) [/github.com/aws/aws-cdk/blob/3e4f3773bfa48b75bf0adc7d53d46bbec7714a9e/packages/aws-cdk-lib/aws-fsx/lib/lustre-file-system.ts#L360-L380](https://github.com/aws//github.com/aws/aws-cdk/blob/3e4f3773bfa48b75bf0adc7d53d46bbec7714a9e/packages/aws-cdk-lib/aws-fsx/lib/lustre-file-system.ts/issues/L360-L380)
+* **sqs:** does not print all failed validations for Queue props ([#33070](https://github.com/aws/aws-cdk/issues/33070)) ([b77e937](https://github.com/aws/aws-cdk/commit/b77e9379e8d1e6d653042a2be35efb18983e1973)), closes [#33098](https://github.com/aws/aws-cdk/issues/33098) [#33098](https://github.com/aws/aws-cdk/issues/33098)
+* update fetchOpenPullRequests method to pass organisation in github action workflow for prioritization ([#33073](https://github.com/aws/aws-cdk/issues/33073)) ([066cd4f](https://github.com/aws/aws-cdk/commit/066cd4f45e194cff5ed39582e50f5b95e83cbeed))
+
+
 ## [2.176.0](https://github.com/aws/aws-cdk/compare/v2.175.1...v2.176.0) (2025-01-15)
 
 

packages/aws-cdk-lib/cx-api/FEATURE_FLAGS.md

@@ -87,7 +87,7 @@ Flags come in three types:
 | [@aws-cdk/aws-ecs:disableEcsImdsBlocking](#aws-cdkaws-ecsdisableecsimdsblocking) | When set to true, CDK synth will throw exception if canContainersAccessInstanceRole is false. **IMPORTANT: See [details.](#aws-cdkaws-ecsdisableEcsImdsBlocking)** | 2.175.0 | (temporary) |
 | [@aws-cdk/aws-ecs:enableImdsBlockingDeprecatedFeature](#aws-cdkaws-ecsenableimdsblockingdeprecatedfeature) | When set to true along with canContainersAccessInstanceRole=false in ECS cluster, new updated commands will be added to UserData to block container accessing IMDS. **Applicable to Linux only. IMPORTANT: See [details.](#aws-cdkaws-ecsenableImdsBlockingDeprecatedFeature)** | 2.175.0 | (temporary) |
 | [@aws-cdk/aws-elasticloadbalancingV2:albDualstackWithoutPublicIpv4SecurityGroupRulesDefault](#aws-cdkaws-elasticloadbalancingv2albdualstackwithoutpublicipv4securitygrouprulesdefault) | When enabled, the default security group ingress rules will allow IPv6 ingress from anywhere | 2.176.0 | (fix) |
-| [@aws-cdk/aws-iam:oidcRejectUnauthorizedConnections](#aws-cdkaws-iamoidcrejectunauthorizedconnections) | When enabled, the default behaviour of OIDC provider will reject unauthorized connections | V2NEXT | (fix) |
+| [@aws-cdk/aws-iam:oidcRejectUnauthorizedConnections](#aws-cdkaws-iamoidcrejectunauthorizedconnections) | When enabled, the default behaviour of OIDC provider will reject unauthorized connections | 2.177.0 | (fix) |
 
 <!-- END table -->
 
@@ -1665,7 +1665,7 @@ thumbprints from unsecure connections.
 | Since | Default | Recommended |
 | ----- | ----- | ----- |
 | (not in v1) |  |  |
-| V2NEXT | `false` | `true` |
+| 2.177.0 | `false` | `true` |
 
 **Compatibility with old behavior:** Disable the feature flag to allow unsecure OIDC connection.
 

packages/aws-cdk-lib/cx-api/lib/features.ts

@@ -1367,7 +1367,7 @@ export const FLAGS: Record<string, FlagInfo> = {
 
       When this feature flag is disabled, the behaviour will be the same as current and will allow downloading
       thumbprints from unsecure connections.`,
-    introducedIn: { v2: 'V2NEXT' },
+    introducedIn: { v2: '2.177.0' },
     recommendedValue: true,
     compatibilityWithOldBehaviorMd: 'Disable the feature flag to allow unsecure OIDC connection.',
   },

version.v2.json

@@ -1,4 +1,4 @@
 {
-  "version": "2.176.0",
-  "alphaVersion": "2.176.0-alpha.0"
+  "version": "2.177.0",
+  "alphaVersion": "2.177.0-alpha.0"
 }