This repository has been archived by the owner on Jan 23, 2024. It is now read-only.
[Snyk] Upgrade @aws-cdk/cdk from 0.24.1 to 0.35.0 #8
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Snyk has created this PR to upgrade @aws-cdk/cdk from 0.24.1 to 0.35.0.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.Release notes
Package name: @aws-cdk/cdk
Bug Fixes
cdk context
(#2870) (b8a1c8e), closes #2854Code Refactoring
name
inStageProps
tostageName
. (#2882) (be574a1)hwType
tohardwareType
(#2916) (1aa0589), closes #2896aws-sns-subscribers
(#2804) (9ef899c)Features
BREAKING CHANGES
AssetProps.packaging
has been removed and is now automatically discovered based on the file type.ZipDirectoryAsset
has been removed, useaws-s3-assets.Asset
.FileAsset
has been removed, useaws-s3-assets.Asset
.Code.directory
andCode.file
have been removed. UseCode.asset
.hardwareType
fromhwType
.TableOptions.pitrEnabled
renamed topointInTimeRecovery
.TableOptions.sseEnabled
renamed toserverSideEncryption
.TableOptions.ttlAttributeName
renamed totimeToLiveAttribute
.TableOptions.streamSpecification
renamedstream
.ContainerImage.fromAsset()
now takes only build directorydirectly (no need to pass
scope
orid
anymore).ISecret.secretJsonValue
renamed tosecretValueFromJson
.ParameterStoreString
has been removed. UseStringParameter.fromStringParameterAttributes
.ParameterStoreSecureString
has been removed. UseStringParameter.fromSecureStringParameterAttributes
.ParameterOptions.name
was renamed toparameterName
.newStream
renamed toaddStream
and doesn't need a scopenewSubscriptionFilter
renamed toaddSubscriptionFilter
and doesn't need a scopenewMetricFilter
renamed toaddMetricFilter
and doesn't need a scopeNewSubscriptionFilterProps
renamed toSubscriptionProps
NewLogStreamProps
renamed toLogStreamOptions
NewMetricFilterProps
renamed toMetricFilterOptions
JSONPattern
renamed toJsonPattern
MethodOptions.authorizerId
is now calledauthorizer
and accepts anIAuthorizer
which is a placeholder interface for the authorizer resource.restapi.executeApiArn
renamed toarnForExecuteApi
.restapi.latestDeployment
anddeploymentStage
are now read-only.EventPattern.detail
is now a map.scheduleExpression: string
is nowschedule: Schedule
.cdk.RemovalPolicy
to configure the resource's removal policy.
applyRemovalPolicy
is nowCfnResource.applyRemovalPolicy
.RemovalPolicy.Orphan
has been renamed toRetain
.RemovalPolicy.Forbid
has been removed, useRetain
.RepositoryProps.retain
is nowremovalPolicy
, and defaults toRetain
instead of remove since ECR is a stateful resourceKeyProps.retain
is nowremovalPolicy
LogGroupProps.retainLogGroup
is nowremovalPolicy
LogStreamProps.retainLogStream
is nowremovalPolicy
DatabaseClusterProps.deleteReplacePolicy
is nowremovalPolicy
DatabaseInstanceNewProps.deleteReplacePolicy
is nowremovalPolicy
attr
instead of the resource type. For example, in S3bucket.bucketArn
is nowbucket.attrArn
.propertyOverrides
has been removed from all "Cfn" resources, insteadusers can now read/write resource properties directly on the resource class. For example, instead of
lambda.propertyOverrides.runtime
just uselambda.runtime
.stageName
instead ofname
Function.addLayer
toaddLayers
and made it variadicIFunction.handler
propertyIVersion.versionArn
property (the value is atfunctionArn
)SingletonLayerVersion
LogRetention
PolicyStatement
no longer has a fluid API, and accepts aprops object to be able to set the important fields.
ImportedResourcePrincipal
toUnknownPrincipal
.managedPolicyArns
renamed tomanagedPolicies
, takesreturn value from
ManagedPolicy.fromAwsManagedPolicyName()
.PolicyDocument.postProcess()
is now removed.PolicyDocument.addStatement()
renamed toaddStatements
.PolicyStatement
is no longerIResolvable
, call.toStatementJson()
to retrieve the IAM policy statement JSON.
AwsPrincipal
has been removed, useArnPrincipal
instead.s3.StorageClass
is now an enum-like class instead of a regularenum. This means that you need to call
.value
in order to obtain it's value.s3.Coordinates
renamed tos3.Location
Artifact.s3Coordinates
renamed toArtifact.s3Location
.BuildSpec
object.lambda.Runtime.NodeJS*
are nowlambda.Runtime.Nodejs*
Stack
APIstack.name
renamed tostack.stackName
stack.stackName
will return the concrete stack name. UseAws.stackName
to indicate { Ref: "AWS::StackName" }.stack.account
andstack.region
will return the concrete account/region only if they are explicitly specified when the stack is defined (under theenv
prop). Otherwise, they will return a token that resolves to the AWS::AccountId and AWS::Region intrinsic references. UseContext.getDefaultAccount()
andContext.getDefaultRegion()
to obtain the defaults passed through the toolkit in case those are needed. UseToken.isUnresolved(v)
to check if you have a concrete or intrinsic.stack.logicalId
has been removed. Usestack.getLogicalId()
stack.env
has been removed, usestack.account
,stack.region
andstack.environment
insteadstack.accountId
renamed tostack.account
(to allow treating account more abstractly)AvailabilityZoneProvider
can now be accessed throughContext.getAvailabilityZones()
SSMParameterProvider
can now be accessed throughContext.getSsmParameter()
parseArn
is nowArn.parse
arnFromComponents
is nowarn.format
node.lock
andnode.unlock
are now privatestack.requireRegion
andrequireAccountId
have been removed. UseToken.unresolved(stack.region)
insteadstack.parentApp
have been removed. UseApp.isApp(stack.node.root)
instead.stack.missingContext
is now privatestack.renameLogical
have been renamed tostack.renameLogicalId
IAddressingScheme
,HashedAddressingScheme
andLogicalIDs
are now internal. OverrideStack.allocateLogicalId
to customize how logical IDs are allocated to resources.--rename
, and the stacknames are now immutable on the stack artifact.
requires an integration object from the
@aws-cdk/aws-sns-subscribers
package.
roleName
inRoleProps
is now of typePhysicalName
bucketName
inBucketProps
is now of typePhysicalName
roleName
inRoleProps
is now of typePhysicalName
Bug Fixes
aws-cloudwatch-actions
(#2688) (e3df21a)Code Refactoring
Features
BREAKING CHANGES
recordValue: string
prop inroute53.TxtRecord
changed tovalues: string[]
recordValue
prop inroute53.CnameRecord
renamed todomainName
route53.AliasRecord
has been removed, useroute53.ARecord
orroute53.AaaaRecord
with thetarget
prop.EncryptionKeyAlias
class was renamed toAlias
.Associated types (such as
EncryptionKeyAliasProps
) were renamed in thesame way.
App.run()
was renamed toApp.synth()
(soft deprecation, it will be removed in the next release).node.stack
is nowStack.of(construct)
(fixes #2766)node.resolve
has been moved tostack.resolve
.node.stringifyJson
has been moved tostack.stringifyJson
.node.validateTree
is nowConstructNode.validate(node)
node.prepareTree
is nowConstructNode.prepare(node)
node.getContext
is nownode.tryGetContext
node.recordReference
is nownode.addReference
node.apply
is nownode.applyAspect
node.ancestors()
is nownode.scopes
node.required
has been removed.node.typename
has been removed.node.addChild
is now privatenode.findReferences()
is nownode.references
node.findDependencies()
is nownode.dependencies
stack.dependencies()
is nowstack.dependencies
CfnElement.stackPath
has been removed.CloudFormationLang
is now internal (usestack.toJsonString()
)requires an integration object from the
@aws-cdk/aws-cloudwatch-actions
package.
targets.EcsEc2Task
renamed totargets.EcsTask
endpoint
is now typestring
(previouslyany
)result
in the Pass state is now typemap
(previouslyany
)@aws-cdk/applet-js
,@aws-cdk/aws-autoscaling-api
,@aws-cdk/aws-codedeploy-api
addPropertyOverride
should match in capitalization to the CloudFormation schema (normally pascal case). For example,addPropertyOverride('accessControl', 'xxx')
should now beaddPropertyOverride('AccessControl', 'xxx')
.rds.RotationSingleUser
renamed tords.SecretRotation
rds.ClusterParameterGroup
no longer hassetParameter()
andremoveParameter()
methods, use the parameters prop directly in the constructor instead.IMPORTANT: apps created with the CDK version 0.33.0 and above cannot be used with an older CLI version.
Bug Fixes
cdk docs
open the new API reference (#2633) (6450758)dependencyRoots
from public API (#2668) (2ba5ad2), closes #2348Features
noUnusedLocals
andnoUnusedParameters
from typescript templates (#2654) (b061826)BREAKING CHANGES
@aws-cdk/aws-logs-destinations
package.addPutJobResultPolicy
property when creating LambdaInvokeAction.--interactive
has been removed--numbered
has been removed--staging
is now a boolean flag that indicates whether assets should be copied to the--output
directory or directly referenced (--no-staging
is useful for e.g. local debugging with SAM CLI)SynthUtils.templateForStackName
has been removed (useSynthUtils.synthesize(stack).template
).cxapi.SynthesizedStack
renamed tocxapi.CloudFormationStackArtifact
with multiple API changes.cdk.App.run()
now returns acxapi.CloudAssembly
instead ofcdk.ISynthesisSession
.@aws-cdk/aws-s3-notifications
package.@aws-cdk/aws-autoscaling-hooktargets
package.EcsQueueWorkerService
,FargateQueueWorkerService
,LoadBalancedEcsService
,LoadBalancedFargateService
andLoadBalancedFargateServiceApplets
.leftAxisRange
=>leftYAxis
,rightAxisRange
=>rightYAxis
, renameYAxisRange
=>YAxisProps
.Bug Fixes
Code Refactoring
Features
BREAKING CHANGES
Load Balancer as an Alias Record Target now requires an integration
object from the
@aws-cdk/aws-route53-targets
package.IBucket.arnForObject
method no longerconcatenates path fragments on your behalf. Pass the
/
-concatenatedkey pattern instead.
export
methods from all AWS resources have been removed. CloudFormation Exports are now automatically created when attributes are referenced across stacks within the same app. To export resources manually, you can explicitly define aCfnOutput
.kms.EncryptionKey
renamed tokms.Key
ec2.VpcNetwork
renamed toec2.Vpc
ec2.VpcSubnet
renamed toec2.Subnet
cloudtrail.CloudTrail
renamedto
cloudtrail.Trail`XxxAttribute
andXxxImportProps
interfaces which were no longer in used after their correspondingexport
method was deleted and there was no use for them in imports.ecs.ClusterAttributes
now acceptsIVpc
andISecurityGroup
instead of attributes. You can use theircorresponding
fromXxx
methods to import them as needed.servicediscovery.CnameInstance.instanceCname
renamed tocname
.glue.IDatabase.locationUrl
is now only inglue.Database
(not on the interface)ec2.TcpPortFromAttribute
andUdpPortFromAttribute
removed. UseTcpPort
andUdpPort
withnew Token(x).toNumber
instead.ec2.VpcNetwork.importFromContext
renamed toec2.Vpc.fromLookup
iam.IRole.roleId
has been removed from the interface, butRole.roleId
is still available for owned resources.loadBalancer
property in ServerDeploymentGroupProps has been changed.apigateway.ResourceBase.trackChild
is now internal.cloudfront.S3OriginConfig.originAccessIdentity
is noworiginAccessIdentityId
codedeploy.LambdaDeploymentGroup.alarms
is nowcloudwatch.IAlarm[]
(previouslycloudwatch.Alarm[]
)codepipeline.crossRegionScaffoldingStacks
renamed tocrossRegionScaffolding
codepipeline.CrossRegionScaffoldingStack
renamed tocodepipeline.CrossRegionScaffolding
and cannot be instantiated (abstract)ec2.VpcSubnet.addDefaultRouteToNAT
renamed toaddDefaultNatRoute
and made publicec2.VpcSubnet.addDefaultRouteToIGW
renamed toaddDefaultInternetRoute
, made public and first argument is the gateway ID (string) and not the CFN L1 classecs.Ec2EventRuleTarget.taskDefinition
is nowITaskDefinition
(previouslyTaskDefinition
)lambda.IEventSource.bind
now acceptsIFunction
instead ofFunctionBase
. UseIFunction.addEventSourceMapping
to add an event source mapping under the function.lambda.Layer.grantUsage
renamed tolambda.layer.addPermission
and returns voidstepfunctions.StateMachine.role
is nowiam.IRole
(previouslyiam.Role
)onXxx()
CloudWatch Event methods now have the signature:onAlarm
was renamed toaddAlarmAction
onOk
was renamed toaddOkAction
onInsufficientData
was renamed toaddInsufficientDataAction
onLifecycleTransition
was renamed toaddLifecycleHook
onPreHook
was renamed toaddPreHook
onPostHook
was renamed toaddPostHook
onXxx
were renamed toaddXxxTrigger
onImagePushed
was renamed toonCloudTrailImagePushed
onEvent
was renamed toaddEventNotification
onObjectCreated
was renamed toaddObjectCreatedNotification
onObjectRemoved
was renamed toaddObjectRemovedNotification
onPutObject
was renamed toonCloudTrailPutObject
Bug Fixes
Code Refactoring
Features
BREAKING CHANGES
Foo.import
static methods are nowFoo.fromFooAttributes
FooImportProps
structs are now calledFooAttributes
stepfunctions.StateMachine.export
has been removed.ses.ReceiptRule.name
is nowses.ReceiptRule.receiptRuleName
ses.ReceiptRuleSet.name
is nowses.ReceiptRuleSet.receiptRuleSetName
secretsmanager.AttachedSecret
is now calledsecretsmanager.SecretTargetAttachment
to match service semanticsecr.Repository.export
has been removeds3.Bucket.bucketUrl
is now calleds3.Bucket.bucketWebsiteUrl
lambda.Version.functionVersion
is now calledlambda.Version.version
ec2.SecurityGroup.groupName
is nowec2.SecurityGroup.securityGroupName
cognito.UserPoolClient.clientId
is nowcognito.UserPoolClient.userPoolClientId
apigateway.IRestApiResource
is nowapigateway.IResource
apigateway.IResource.resourcePath
is nowapigateway.IResource.path
apigateway.IResource.resourceApi
is nowapigateway.IResource.restApi
Bug Fixes
Code Refactoring
Features
BREAKING CHANGES
s3.Bucket.domainName
renamed tos3.Bucket.bucketDomainName
.codedeploy.IXxxDeploymentConfig.deploymentConfigArn
is now a property and not a method.ec2.SecurityGroupBase
is now privateec2.VpcNetworkBase
is now privatekinesis.StreamBase
is now privatekms.EncryptionKeyBase
is now privatelogs.LogGroupBase
is now privatessm.ParameterBase
is now privateeks.ClusterBase
is now privatecodebuild.ProjectBase
is now privatecodecommit.RepositoryBase
is now privatecodedeploy.ServerDeploymentGroupBase
is now privateeks.ClusterBase
is now privatelambda.LayerVersionBase
is now privaterds.DatabaseClusterBase
is now privatesecretsmanager.SecretBase
is now privateses.ReceiptRuleSetBase
is now privatepollForSourceChanges
property inGitHubSourceAction
has been renamed totrigger
, and its type changed from aboolean
to an enum.Bug Fixes
app.run()
(#2300) (47ff448), closes #2289 awslabs/jsii#456Features
Code
,CfnParametersCode
. (#2027) (4247966)BREAKING CHANGES
MetricCustomization
toMetricOptions
.outputArtifact
andoutputArtifacts
properties.inputArtifact(s)
andadditionalInputArtifacts
properties were renamed toinput(s)
andextraInputs
.outputArtifactName(s)
andadditionalOutputArtifactNames
properties were renamed tooutput(s)
andextraOutputs
.CodeBuildBuildAction
andCodeBuildTestAction
were merged into one classCodeBuildAction
.JenkinsBuildAction
andJenkinsTestAction
were merged into one classJenkinsAction
.lambda.Function
no longer implementsIEventRuleTarget
. Instead, use@aws-cdk/aws-events-targets.LambdaFunction
.sns.Topic
no longer implementsIEventRuleTarget
. Use@aws-cdk/aws-events-targets.SnsTopic
instead.codebuild.Project
no longer implementsIEventRuleTarget
. Use@aws-cdk/aws-events-targets.CodeBuildProject
.cdk.Root
construct has been removed. Usecdk.App
instead.stepfunctions.WaitProps
: the propsseconds
,timestamp
,secondsPath
andtimestampPath
are nowduration
of a union-like classWaitDuration
(e.g.duration: WaitDuration.seconds(n)
)codedeploy.ServerDeploymentConfigProps
: the propsminHealthyHostCount
andminHealthyHostPercentage
are nowminimumHealthyHosts
of union-like classMinimumHealthyHosts
(e.g.minimumHealthyHosts: MinimumHealthyHosts.percentage(50)
)cloudformation.CustomResourceProps
: the propstopicProvider
andlambdaProvider
are nowprovider
of union-like classCustomResourceProvider
(e.g.CustomResourceProvider.lambda(fn)
cloudformation.CustomResource
no longer extendsCfnCustomResource
.ssm.ParameterProps
renamed tossm.ParameterOptions
.aws-ec2.InstanceSize.None
was renamed toInstanceSize.Nano
vpc.selectSubnetIds(...)
has been replaced withvpc.selectSubnets(...).subnetIds
.Bug Fixes
aws-ecs: use executionRole for event rule target (#2165) (aa6f7bc), closes #2015
core: remove cdk.Secret (#2068) (b53d04d), closes #2064
feat(aws-iam): refactor grants, add OrganizationPrincipal (#1623) (1bb8ca9), closes #1623 #236
Code Refactoring
Features
bind
method to take a Role separately from the Pipeline. (#2085) (ffe0046)newVersion
method. (#2099) (6fc179a)BREAKING CHANGES
secretsmanager.SecretString
class has been removed in favor ofcdk.SecretValue.secretsManager(id[, options])
string
tocdk.SecretValue
:codepipeline-actions.AlexaSkillDeployAction.clientSecret
,codepipeline-actions.AlexaSkillDeployAction.refreshToken
,codepipeline-actions.GitHubSourceAction.oauthToken
,iam.User.password
secretsmanager.Secret.stringValue
andjsonFieldValue
have been removed. Usesecretsmanage.Secret.secretValue
andsecretJsonValue
instead.secretsmanager.Secret.secretString
have been removed. Usecdk.SecretValue.secretsManager()
orsecretsmanager.Secret.import(..).secretValue
.cdk.Secret
has been removed. Usecdk.SecretValue
instead.cdk.DynamicReference
is no longer a construct, and it's constructor signature was changed and was renamedcdk.CfnDynamicReference
.grant(function.role)
andgrant(project.role)
are nowgrant(function)
andgrant(role)
.cdk.Secret
withsecretsmanager.SecretString
(preferred) orssm.ParameterStoreSecureString
.Highlights
npx cdk
Bug Fixes
Code Refactoring
Features
npx cdk
(#2113) (32bca05)BREAKING CHANGES
cloudWatchLogsRetentionTimeDays
in@aws-cdk/aws-cloudtrail
now uses a
logs.RetentionDays
instead of aLogRetention
.stack._toCloudFormation
method is now unavailable and is replaced by@aws-cdk/assert.SynthUtils.toCloudFormation(stack)
.kmsKeyArn: string
bykmsKey: kms.IEncryptionKey
inDatabaseClusterProps
VpcNetwork.isPublicSubnet()
has been renamed toVpcNetwork.isPublicSubnetIds()
.aws-serverless
toaws-sam
vpcPlacement
has been renamed tovpcSubnets
on all objects,
subnetsToUse
has been renamed tosubnetType
.natGatewayPlacement
has been renamed tonatGatewaySubnets
.Bug Fixes
Code Refactoring
_toCloudFormation
) (#2047) (515868b), closes #2044 #2016Features
Database
andTable
(#1988) (3117cd3)BREAKING CHANGES
ContainerImage.fromDockerHub
has been renamed toContainerImage.fromRegistry
.Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
🧐 View latest project report
🛠 Adjust upgrade PR settings
🔕 Ignore this dependency or unsubscribe from future upgrade PRs