chore(release): 2.211.0 #35213
Merged
chore(release): 2.211.0 #35213
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
### Reason for this change Enhance the CLI integration test workflow to provide more flexibility in triggering tests and better control over when integration tests run. ### Description of changes - **Add explicit trigger types**: Specify explicit event types (opened, synchronize, reopened, labeled, unlabeled) instead of using the default catch-all - **Enable manual triggering**: Allow integration tests to be triggered manually via the `pr/request-cli-integ-tests` label, even when no CLI-related files have changed - **Improve workflow logic**: Update the condition to check for both file changes OR the presence of the manual trigger label These changes provide maintainers with better control over when integration tests run, especially useful for testing scenarios where CLI changes might not be automatically detected or when manual testing is needed. ### Describe any new or updated permissions being added No new permissions are being added. This change only modifies workflow trigger conditions and logic. ### Description of how you validated changes - Reviewed the workflow syntax and logic - Verified that the label-based triggering condition is properly formatted - Confirmed that existing functionality (automatic triggering on CLI file changes) remains intact ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…CEndpoint` (#35025) ### Issue # (if applicable) Closes #32785 ### Reason for this change Supporting the new L1 property in the L2 construct. `AWS::EC2::VPCEndpointService` support was added in #33959, so this should complete support for cross-region vpc private links. ### Description of changes Added a new L2 prop - `serviceRegion` - which is of type `string`. It gets passed to the L1 `ServiceRegion` property when present. ### Describe any new or updated permissions being added None ### Description of how you validated changes Added unit tests ### Checklist - [X] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
### Reason for this change We do not need anymore for CodeBuild approval, as migrated to new build setup ### Checklist - [X] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…tion (#35144) ### Issue # (if applicable) Closes #35136. ### Reason for this change DynamoDB TableV2 construct with customer-managed KMS encryption causes CloudFormation drift detection to report false positives. This occurs because CDK generates CloudFormation templates using KMS key ARNs (`Fn::GetAtt` with `Arn`), but DynamoDB internally stores only the key ID, leading to a mismatch during drift detection. ### Description of changes **Root Cause**: The `_renderReplicaSseSpecification` method in `encryption.ts` was using `tableKey.keyArn` which generates `Fn::GetAtt` with `Arn`, but the CloudFormation L1 property `KMSMasterKeyId` expects a key ID, not an ARN. While DynamoDB accepts ARNs at deployment time, it internally stores and returns only the key ID, causing drift detection mismatches. **Solution**: Changed `tableKey.keyArn` to `tableKey.keyId` on line 73 of `encryption.ts`. This generates a `Ref` to the KMS key resource, which produces the key ID format that aligns with: - [The CloudFormation `KMSMasterKeyId` property specification](https://docs.aws.amazon.com/AWSCloudFormation/latest/TemplateReference/aws-properties-dynamodb-globaltable-replicassespecification.html#cfn-dynamodb-globaltable-replicassespecification-kmsmasterkeyid) - What drift detection expects to find **Files Modified**: - `packages/aws-cdk-lib/aws-dynamodb/lib/encryption.ts`: Updated KMS key reference from ARN to ID - `packages/aws-cdk-lib/aws-dynamodb/test/table-v2.test.ts`: Updated test expectation to match corrected CloudFormation output **Impact**: This fix eliminates false positive drift detection for DynamoDB TableV2 constructs using customer-managed KMS encryption while maintaining full backward compatibility. ### Describe any new or updated permissions being added No new or updated IAM permissions are required. This change only affects the CloudFormation template generation format to properly align with the `KMSMasterKeyId` property specification. ### Description of how you validated changes **Unit Tests**: - All 325 DynamoDB unit tests pass - Updated test expectation in `table-v2.test.ts` to verify correct CloudFormation output format (Ref vs Fn::GetAtt) - Added validation test for key ID format **Integration Tests**: - All 25 existing DynamoDB integration tests pass without requiring snapshot updates - Verified that existing deployments continue to work seamlessly **Manual Validation**: - Confirmed CloudFormation template now generates `Ref` instead of `Fn::GetAtt` for KMS key references - Verified the fix addresses the specific drift detection scenario described in the issue - Validated that the generated key ID format matches the `KMSMasterKeyId` property expectation **Regression Testing**: - No breaking changes to existing functionality - Backward compatibility maintained for existing stacks (CloudFormation accepts both formats) - Cross-language (JSII) compatibility preserved ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
### Issue # (if applicable) Closes #34883 ### Reason for this change Support for Multi-region Strong Consistency Global Tables ### Description of changes Added additional code to support the new feature on DynamoDB including validation ### Describe any new or updated permissions being added No permissions added ### Description of how you validated changes Unit tests + integration test ### Checklist - [X] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
### Issue # (if applicable) Closes #<issue number here>. ### Reason for this change All ISO partitions now support Node22, so this PR updates the Node runtime version in all of them. Also, now the `NODEJS_LATEST` variable in lambda runtime definition uses Node22, as all supported partitions have reached parity, being Node22 the latest available version in all of them ### Description of changes Updated node runtime mappings in fact-table, updated `NODEJS_LATEST` to map to Node22 and updated all related unit and integration tests ### Describe any new or updated permissions being added NA ### Description of how you validated changes Local deployment of all the updated integration tests ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
This aligns the cdk docs with the code and AWS docs ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --------- Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
### Reason for this change The issues with Go language integration of jsii-runtime v1.113.0 are now resolved. ### Description of changes Reverts #35142 ### Describe any new or updated permissions being added No new permissions are added. ### Description of how you validated changes N/A ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
…35188) ### Reason for this change After removing the CodeBuild requirement from Mergify in #35174, automatic PR merging stopped working. Mergify was looking for status-success=validate-pr and status-success=build, but GitHub Actions creates check runs, not statuses. CodeBuild used the GitHub Status API, while GitHub Actions uses the GitHub Checks API. ### Description of changes Changed all Mergify conditions from status-success=validate-pr and status-success=build to check-success=validate-pr and check-success=build to match what GitHub Actions actually creates. The previous configuration worked because Mergify was only waiting for the CodeBuild status (which was correctly configured), while the GitHub Actions conditions were silently failing but not blocking merges. ### Describe any new or updated permissions being added NA ### Description of how you validated changes Analyzed GitHub API responses for recent PRs to confirm: • CodeBuild creates statuses via GitHub Status API • GitHub Actions creates check runs via GitHub Checks API • Verified that approved PRs have successful validate-pr and build check runs but no corresponding statuses ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
### Issue # (if applicable)
### Reason for this change
This PR reverts the revert commit `86caea16c4` ("Revert "revert(ecs):
add support for native blue/green deployments in ECS L2 (#35061)
(#35170)") without changing the git history and mitigate the JSII
compatibility issues with minimal changes.
The original PR #35061 added support for native blue/green deployments
in ECS L2 but was reverted due to JSII compatibility issues reported in
#35167. The issue was that adding an optional `alternateTarget`
parameter to the `attachToELBv2` method caused JSII breaking changes, as
JSII treats any method signature change as breaking because it affects
generated bindings in other languages (Python, Java, C#, Go).
### Description of changes
This PR restores the blue/green deployment functionality from PR #35061
with minimal changes to address the reviewer feedback:
1. **Simplified approach** - Since `attachToELBv2` is a private method,
JSII doesn't process it for cross-language bindings, so adding an
optional parameter is safe
2. **Restored original implementation** - Added the optional
`alternateTarget` parameter back to the private `attachToELBv2` method
3. **Removed unnecessary complexity** - Eliminated the separate
`attachToELBv2WithAlternateTarget` method that was created due to
overcautiousness about JSII compatibility
4. **Fixed unused variable** - Removed the unused `resources` variable
in `alternate-target-configuration.ts` (leftover from previous PR)
5. **Added regression tests** - Ensured services without alternate
targets continue to work correctly
**Key changes:**
- `attachToELBv2(targetGroup, containerName, containerPort,
alternateTarget?)` - restored to original approach with optional
parameter (safe for private methods)
- Simplified `loadBalancerTarget` method - directly calls
`attachToELBv2` with the optional parameter
- Cleaned up unused code from previous implementation
### Describe any new or updated permissions being added
No new permissions are being added. This change restores the original
functionality with a simplified implementation based on reviewer
feedback.
### Description of how you validated changes
1. **Unit tests**: All existing tests continue to pass (355/355 ECS
service tests passed)
2. **Regression tests**: Added specific tests to ensure services without
alternate targets work correctly for both ALB and NLB scenarios
3. **Alternate target tests**: All 6 alternate target configuration
tests pass
4. **JSII compatibility**: Private method signature changes are safe
since JSII doesn't process private methods for cross-language bindings
**Test results:**
- ✅ `alternate-target-configuration.test.ts`: 6/6 tests passed
- ✅ `base-service.test.ts`: 25/25 tests passed
- ✅ ECS service tests: 355/355 tests passed
### Checklist
- [x] My code adheres to the [CONTRIBUTING
GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and
[DESIGN
GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)
----
*By submitting this pull request, I confirm that my contribution is made
under the terms of the Apache-2.0 license*
---------
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
…rom README (#35197) L2 support for Blue Green is already implemented in #35179. Therefore, I think we should remove the L1 Construct example as there is no reason to keep it. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…35138) CHANGES TO L1 RESOURCES: L1 resources are automatically generated from public CloudFormation Resource Schemas. They are build to closely reflect the real state of CloudFormation. Sometimes these updates can contain changes that are incompatible with previous types, but more accurately reflect reality. In this release we have changed: * **aws-opsworkscm**: CfnServer resource is no longer provisionable (AWS::OpsWorksCM::Server). Service is on deprecation path * **aws-iotfleetwise**: Properties `DataDestinationConfigs`, `SignalsToCollect` and `SignalsToFetch` in resource `CfnCampaign` are now marked as immutable (they will cause a replacement of the resource if updated) **L1 CloudFormation resource definition changes:** ``` ├[~] service aws-amazonmq │ └ resources │ └[~] resource AWS::AmazonMQ::ConfigurationAssociation │ └ attributes │ └ Id: (documentation changed) ├[~] service aws-batch │ └ resources │ ├[~] resource AWS::Batch::JobQueue │ │ ├ properties │ │ │ ├ ComputeEnvironmentOrder: - Array<ComputeEnvironmentOrder> (required) │ │ │ │ + Array<ComputeEnvironmentOrder> │ │ │ ├[+] JobQueueType: string (immutable) │ │ │ └[+] ServiceEnvironmentOrder: Array<ServiceEnvironmentOrder> │ │ └ types │ │ └[+] type ServiceEnvironmentOrder │ │ ├ name: ServiceEnvironmentOrder │ │ └ properties │ │ ├ ServiceEnvironment: string (required) │ │ └ Order: integer (required) │ └[+] resource AWS::Batch::ServiceEnvironment │ ├ name: ServiceEnvironment │ │ cloudFormationType: AWS::Batch::ServiceEnvironment │ │ documentation: Creates a service environment for running service jobs. Service environments define capacity limits for specific service types such as SageMaker Training jobs. │ │ tagInformation: {"tagPropertyName":"Tags","variant":"map"} │ ├ properties │ │ ├ ServiceEnvironmentName: string (immutable) │ │ ├ State: string │ │ ├ ServiceEnvironmentType: string (required, immutable) │ │ ├ CapacityLimits: Array<CapacityLimit> (required) │ │ └ Tags: Map<string, string> │ ├ attributes │ │ └ ServiceEnvironmentArn: string │ └ types │ └ type CapacityLimit │ ├ documentation: Defines the capacity limit for a service environment. This structure specifies the maximum amount of resources that can be used by service jobs in the environment. │ │ name: CapacityLimit │ └ properties │ ├ MaxCapacity: integer │ └ CapacityUnit: string ├[~] service aws-cassandra │ └ resources │ └[~] resource AWS::Cassandra::Table │ └ types │ └[~] type CdcSpecification │ └ properties │ └[+] Tags: Array<tag> ├[~] service aws-cloudfront │ └ resources │ └[~] resource AWS::CloudFront::Distribution │ └ types │ ├[~] type CustomOriginConfig │ │ └ properties │ │ └ OriginReadTimeout: (documentation changed) │ ├[~] type Origin │ │ └ properties │ │ └ ResponseCompletionTimeout: (documentation changed) │ ├[~] type S3OriginConfig │ │ └ properties │ │ └ OriginReadTimeout: (documentation changed) │ └[~] type VpcOriginConfig │ └ properties │ └ OriginReadTimeout: (documentation changed) ├[~] service aws-cognito │ └ resources │ └[~] resource AWS::Cognito::ManagedLoginBranding │ └ properties │ └ Settings: (documentation changed) ├[~] service aws-datazone │ └ resources │ ├[~] resource AWS::DataZone::EnvironmentBlueprintConfiguration │ │ └ types │ │ ├[~] type LakeFormationConfiguration │ │ │ ├ - documentation: undefined │ │ │ │ + documentation: The Lake Formation configuration of the Data Lake blueprint. │ │ │ └ properties │ │ │ ├ LocationRegistrationExcludeS3Locations: (documentation changed) │ │ │ └ LocationRegistrationRole: (documentation changed) │ │ └[~] type ProvisioningConfiguration │ │ ├ - documentation: undefined │ │ │ + documentation: The provisioning configuration of the blueprint. │ │ └ properties │ │ └ LakeFormationConfiguration: (documentation changed) │ ├[~] resource AWS::DataZone::Project │ │ ├ properties │ │ │ ├ ProjectProfileId: (documentation changed) │ │ │ └ ProjectProfileVersion: (documentation changed) │ │ └ types │ │ ├[~] type EnvironmentConfigurationUserParameter │ │ │ ├ - documentation: undefined │ │ │ │ + documentation: The environment configuration user parameters. │ │ │ └ properties │ │ │ ├ EnvironmentConfigurationName: (documentation changed) │ │ │ ├ EnvironmentId: (documentation changed) │ │ │ └ EnvironmentParameters: (documentation changed) │ │ └[~] type EnvironmentParameter │ │ ├ - documentation: undefined │ │ │ + documentation: The parameter details of an evironment profile. │ │ └ properties │ │ ├ Name: (documentation changed) │ │ └ Value: (documentation changed) │ └[~] resource AWS::DataZone::ProjectProfile │ ├ - documentation: Definition of AWS::DataZone::ProjectProfile Resource Type │ │ + documentation: The summary of a project profile. │ ├ properties │ │ ├ DomainIdentifier: (documentation changed) │ │ ├ DomainUnitIdentifier: (documentation changed) │ │ └ EnvironmentConfigurations: (documentation changed) │ ├ attributes │ │ └ Identifier: (documentation changed) │ └ types │ ├[~] type AwsAccount │ │ ├ - documentation: undefined │ │ │ + documentation: The AWS account of the environment. │ │ └ properties │ │ └ AwsAccountId: (documentation changed) │ ├[~] type EnvironmentConfiguration │ │ ├ - documentation: undefined │ │ │ + documentation: The configuration of an environment. │ │ └ properties │ │ ├ AwsAccount: (documentation changed) │ │ ├ AwsRegion: (documentation changed) │ │ ├ ConfigurationParameters: (documentation changed) │ │ ├ DeploymentMode: (documentation changed) │ │ ├ DeploymentOrder: (documentation changed) │ │ ├ Description: (documentation changed) │ │ ├ EnvironmentBlueprintId: (documentation changed) │ │ ├ Id: (documentation changed) │ │ └ Name: (documentation changed) │ ├[~] type EnvironmentConfigurationParameter │ │ ├ - documentation: undefined │ │ │ + documentation: The environment configuration parameter. │ │ └ properties │ │ ├ IsEditable: (documentation changed) │ │ ├ Name: (documentation changed) │ │ └ Value: (documentation changed) │ ├[~] type EnvironmentConfigurationParametersDetails │ │ ├ - documentation: undefined │ │ │ + documentation: The details of the environment configuration parameter. │ │ └ properties │ │ ├ ParameterOverrides: (documentation changed) │ │ ├ ResolvedParameters: (documentation changed) │ │ └ SsmPath: (documentation changed) │ └[~] type Region │ ├ - documentation: undefined │ │ + documentation: The AWS Region. │ └ properties │ └ RegionName: (documentation changed) ├[~] service aws-dax │ └ resources │ └[~] resource AWS::DAX::Cluster │ └ properties │ └[+] NetworkType: string (immutable) ├[~] service aws-deadline │ └ resources │ └[~] resource AWS::Deadline::Fleet │ └ types │ ├[~] type ServiceManagedEc2FleetConfiguration │ │ └ properties │ │ └[+] VpcConfiguration: VpcConfiguration │ └[+] type VpcConfiguration │ ├ name: VpcConfiguration │ └ properties │ └ ResourceConfigurationArns: Array<string> ├[~] service aws-ec2 │ └ resources │ ├[~] resource AWS::EC2::EC2Fleet │ │ └ types │ │ └[~] type EbsBlockDevice │ │ └ properties │ │ └ Encrypted: (documentation changed) │ ├[~] resource AWS::EC2::IPAM │ │ └ properties │ │ └ MeteredAccount: (documentation changed) │ ├[~] resource AWS::EC2::Subnet │ │ └ types │ │ ├[~] type BlockPublicAccessStates │ │ │ └ - documentation: The state of VPC Block Public Access (BPA). │ │ │ + documentation: Specifies the state of VPC Block Public Access (BPA). │ │ └[~] type PrivateDnsNameOptionsOnLaunch │ │ └ - documentation: Describes the options for instance hostnames. │ │ + documentation: Specifies the options for instance hostnames. │ └[+] resource AWS::EC2::TransitGatewayConnectPeer │ ├ name: TransitGatewayConnectPeer │ │ cloudFormationType: AWS::EC2::TransitGatewayConnectPeer │ │ documentation: Resource Type definition for AWS::EC2::TransitGatewayConnectPeer │ │ tagInformation: {"tagPropertyName":"Tags","variant":"standard"} │ ├ properties │ │ ├ TransitGatewayAttachmentId: string (required, immutable) │ │ ├ ConnectPeerConfiguration: TransitGatewayConnectPeerConfiguration (required, immutable) │ │ └ Tags: Array<tag> │ ├ attributes │ │ ├ TransitGatewayConnectPeerId: string │ │ ├ ConnectPeerConfiguration.Protocol: string │ │ ├ ConnectPeerConfiguration.BgpConfigurations: Array<TransitGatewayAttachmentBgpConfiguration> │ │ ├ State: string │ │ └ CreationTime: string │ └ types │ ├ type TransitGatewayAttachmentBgpConfiguration │ │ ├ name: TransitGatewayAttachmentBgpConfiguration │ │ └ properties │ │ ├ TransitGatewayAsn: number │ │ ├ PeerAsn: number (immutable) │ │ ├ TransitGatewayAddress: string │ │ ├ PeerAddress: string │ │ └ BgpStatus: string │ └ type TransitGatewayConnectPeerConfiguration │ ├ name: TransitGatewayConnectPeerConfiguration │ └ properties │ ├ TransitGatewayAddress: string (immutable) │ ├ PeerAddress: string (required, immutable) │ ├ InsideCidrBlocks: Array<string> (required, immutable) │ ├ Protocol: string │ └ BgpConfigurations: Array<TransitGatewayAttachmentBgpConfiguration> ├[~] service aws-ecr │ └ resources │ ├[~] resource AWS::ECR::Repository │ │ ├ properties │ │ │ └[+] ImageTagMutabilityExclusionFilters: Array<ImageTagMutabilityExclusionFilter> │ │ └ types │ │ └[+] type ImageTagMutabilityExclusionFilter │ │ ├ name: ImageTagMutabilityExclusionFilter │ │ └ properties │ │ ├ ImageTagMutabilityExclusionFilterType: string (required) │ │ └ ImageTagMutabilityExclusionFilterValue: string (required) │ └[~] resource AWS::ECR::RepositoryCreationTemplate │ ├ properties │ │ └[+] ImageTagMutabilityExclusionFilters: Array<ImageTagMutabilityExclusionFilter> │ └ types │ └[+] type ImageTagMutabilityExclusionFilter │ ├ name: ImageTagMutabilityExclusionFilter │ └ properties │ ├ ImageTagMutabilityExclusionFilterType: string (required) │ └ ImageTagMutabilityExclusionFilterValue: string (required) ├[~] service aws-entityresolution │ └ resources │ ├[~] resource AWS::EntityResolution::IdMappingWorkflow │ │ ├ - documentation: Creates an `IdMappingWorkflow` object which stores the configuration of the data processing job to be run. Each `IdMappingWorkflow` must have a unique workflow name. To modify an existing workflow, use the `UpdateIdMappingWorkflow` API. │ │ │ + documentation: Creates an `IdMappingWorkflow` object which stores the configuration of the data processing job to be run. Each `IdMappingWorkflow` must have a unique workflow name. To modify an existing workflow, use the UpdateIdMappingWorkflow API. │ │ │ > Incremental processing is not supported for ID mapping workflows. │ │ ├ properties │ │ │ └ OutputSourceConfig: (documentation changed) │ │ └ types │ │ ├[~] type IdMappingRuleBasedProperties │ │ │ └ properties │ │ │ └ AttributeMatchingModel: (documentation changed) │ │ ├[~] type IdMappingWorkflowInputSource │ │ │ └ - documentation: An object containing `InputSourceARN` , `SchemaName` , and `Type` . │ │ │ + documentation: An object containing `inputSourceARN` , `schemaName` , and `type` . │ │ ├[~] type IdMappingWorkflowOutputSource │ │ │ └ - documentation: A list of `IdMappingWorkflowOutputSource` objects, each of which contains fields `OutputS3Path` and `Output` . │ │ │ + documentation: A list of `IdMappingWorkflowOutputSource` objects, each of which contains fields `outputS3Path` and `KMSArn` . │ │ └[~] type Rule │ │ └ - documentation: An object containing `RuleName` , and `MatchingKeys` . │ │ + documentation: An object containing the `ruleName` and `matchingKeys` . │ ├[~] resource AWS::EntityResolution::IdNamespace │ │ ├ - documentation: Creates an ID namespace object which will help customers provide metadata explaining their dataset and how to use it. Each ID namespace must have a unique name. To modify an existing ID namespace, use the `UpdateIdNamespace` API. │ │ │ + documentation: Creates an ID namespace object which will help customers provide metadata explaining their dataset and how to use it. Each ID namespace must have a unique name. To modify an existing ID namespace, use the UpdateIdNamespace API. │ │ └ types │ │ ├[~] type IdNamespaceIdMappingWorkflowProperties │ │ │ └ - documentation: An object containing `IdMappingType` , `ProviderProperties` , and `RuleBasedProperties` . │ │ │ + documentation: An object containing `idMappingType` , `providerProperties` , and `ruleBasedProperties` . │ │ ├[~] type IdNamespaceInputSource │ │ │ └ - documentation: An object containing `InputSourceARN` and `SchemaName` . │ │ │ + documentation: An object containing `inputSourceARN` and `schemaName` . │ │ ├[~] type NamespaceProviderProperties │ │ │ └ - documentation: An object containing `ProviderConfiguration` and `ProviderServiceArn` . │ │ │ + documentation: An object containing `providerConfiguration` and `providerServiceArn` . │ │ ├[~] type NamespaceRuleBasedProperties │ │ │ └ properties │ │ │ └ AttributeMatchingModel: (documentation changed) │ │ └[~] type Rule │ │ └ - documentation: An object containing `RuleName` , and `MatchingKeys` . │ │ + documentation: An object containing the `ruleName` and `matchingKeys` . │ └[~] resource AWS::EntityResolution::MatchingWorkflow │ ├ - documentation: Creates a matching workflow that defines the configuration for a data processing job. The workflow name must be unique. To modify an existing workflow, use `UpdateMatchingWorkflow` . │ │ > For workflows where `resolutionType` is ML_MATCHING, incremental processing is not supported. │ │ + documentation: Creates a matching workflow that defines the configuration for a data processing job. The workflow name must be unique. To modify an existing workflow, use `UpdateMatchingWorkflow` . │ │ > For workflows where `resolutionType` is `ML_MATCHING` or `PROVIDER` , incremental processing is not supported. │ ├ properties │ │ ├ IncrementalRunConfig: (documentation changed) │ │ └ OutputSourceConfig: (documentation changed) │ └ types │ ├[~] type IncrementalRunConfig │ │ ├ - documentation: Optional. An object that defines the incremental run type. This object contains only the `incrementalRunType` field, which appears as "Automatic" in the console. │ │ │ > For workflows where `resolutionType` is `ML_MATCHING` , incremental processing is not supported. │ │ │ + documentation: Optional. An object that defines the incremental run type. This object contains only the `incrementalRunType` field, which appears as "Automatic" in the console. │ │ │ > For workflows where `resolutionType` is `ML_MATCHING` or `PROVIDER` , incremental processing is not supported. │ │ └ properties │ │ └ IncrementalRunType: (documentation changed) │ ├[~] type InputSource │ │ ├ - documentation: An object containing `InputSourceARN` , `SchemaName` , and `ApplyNormalization` . │ │ │ + documentation: An object containing `inputSourceARN` , `schemaName` , and `applyNormalization` . │ │ └ properties │ │ └ InputSourceARN: (documentation changed) │ ├[~] type ResolutionTechniques │ │ └ properties │ │ ├ ResolutionType: (documentation changed) │ │ ├ RuleBasedProperties: (documentation changed) │ │ └[+] RuleConditionProperties: RuleConditionProperties │ ├[~] type Rule │ │ └ - documentation: An object containing `RuleName` , and `MatchingKeys` . │ │ + documentation: An object containing the `ruleName` and `matchingKeys` . │ ├[~] type RuleBasedProperties │ │ ├ - documentation: An object which defines the list of matching rules to run in a matching workflow. RuleBasedProperties contain a `Rules` field, which is a list of rule objects. │ │ │ + documentation: An object which defines the list of matching rules to run in a matching workflow. │ │ └ properties │ │ └ AttributeMatchingModel: (documentation changed) │ ├[+] type RuleCondition │ │ ├ name: RuleCondition │ │ └ properties │ │ ├ RuleName: string │ │ └ Condition: string │ └[+] type RuleConditionProperties │ ├ name: RuleConditionProperties │ └ properties │ └ Rules: Array<RuleCondition> (required) ├[~] service aws-iot │ └ resources │ └[+] resource AWS::IoT::EncryptionConfiguration │ ├ name: EncryptionConfiguration │ │ cloudFormationType: AWS::IoT::EncryptionConfiguration │ │ documentation: Resource Type definition for AWS::IoT::EncryptionConfiguration │ ├ properties │ │ ├ EncryptionType: string (required) │ │ ├ KmsAccessRoleArn: string │ │ └ KmsKeyArn: string │ ├ attributes │ │ ├ AccountId: string │ │ ├ ConfigurationDetails: ConfigurationDetails │ │ └ LastModifiedDate: string │ └ types │ └ type ConfigurationDetails │ ├ name: ConfigurationDetails │ └ properties │ ├ ConfigurationStatus: string │ ├ ErrorCode: string │ └ ErrorMessage: string ├[~] service aws-iotfleetwise │ └ resources │ └[~] resource AWS::IoTFleetWise::Campaign │ └ properties │ ├ DataDestinationConfigs: - Array<DataDestinationConfig> │ │ + Array<DataDestinationConfig> (immutable) │ ├ SignalsToCollect: - Array<SignalInformation> │ │ + Array<SignalInformation> (immutable) │ └ SignalsToFetch: - Array<SignalFetchInformation> │ + Array<SignalFetchInformation> (immutable) ├[~] service aws-iotsitewise │ └ resources │ ├[+] resource AWS::IoTSiteWise::ComputationModel │ │ ├ name: ComputationModel │ │ │ cloudFormationType: AWS::IoTSiteWise::ComputationModel │ │ │ documentation: Resource schema for AWS::IoTSiteWise::ComputationModel. │ │ │ tagInformation: {"tagPropertyName":"Tags","variant":"standard"} │ │ ├ properties │ │ │ ├ ComputationModelName: string (required) │ │ │ ├ ComputationModelDescription: string │ │ │ ├ ComputationModelConfiguration: ComputationModelConfiguration (required) │ │ │ ├ ComputationModelDataBinding: Map<string, ComputationModelDataBindingValue> (required) │ │ │ └ Tags: Array<tag> │ │ ├ attributes │ │ │ ├ ComputationModelArn: string │ │ │ └ ComputationModelId: string │ │ └ types │ │ ├ type AnomalyDetectionComputationModelConfiguration │ │ │ ├ name: AnomalyDetectionComputationModelConfiguration │ │ │ └ properties │ │ │ ├ InputProperties: string (required) │ │ │ └ ResultProperty: string (required) │ │ ├ type AssetModelPropertyBindingValue │ │ │ ├ name: AssetModelPropertyBindingValue │ │ │ └ properties │ │ │ ├ AssetModelId: string (required) │ │ │ └ PropertyId: string (required) │ │ ├ type AssetPropertyBindingValue │ │ │ ├ name: AssetPropertyBindingValue │ │ │ └ properties │ │ │ ├ AssetId: string (required) │ │ │ └ PropertyId: string (required) │ │ ├ type ComputationModelConfiguration │ │ │ ├ name: ComputationModelConfiguration │ │ │ └ properties │ │ │ └ AnomalyDetection: AnomalyDetectionComputationModelConfiguration │ │ └ type ComputationModelDataBindingValue │ │ ├ name: ComputationModelDataBindingValue │ │ └ properties │ │ ├ AssetModelProperty: AssetModelPropertyBindingValue │ │ ├ AssetProperty: AssetPropertyBindingValue │ │ └ List: Array<ComputationModelDataBindingValue> │ └[~] resource AWS::IoTSiteWise::Gateway │ └ properties │ └ GatewayVersion: (documentation changed) ├[~] service aws-lightsail │ └ resources │ └[+] resource AWS::Lightsail::Domain │ ├ name: Domain │ │ cloudFormationType: AWS::Lightsail::Domain │ │ documentation: Describes a domain where you are storing recordsets. │ │ tagInformation: {"tagPropertyName":"Tags","variant":"standard"} │ ├ properties │ │ ├ DomainName: string (required, immutable) │ │ ├ DomainEntries: Array<DomainEntry> │ │ └ Tags: Array<tag> │ ├ attributes │ │ ├ Arn: string │ │ ├ SupportCode: string │ │ ├ CreatedAt: string │ │ ├ Location: Location │ │ └ ResourceType: string │ └ types │ ├ type DomainEntry │ │ ├ documentation: Describes a domain recordset entry. │ │ │ name: DomainEntry │ │ └ properties │ │ ├ Id: string │ │ ├ Name: string (required) │ │ ├ Target: string (required) │ │ ├ IsAlias: boolean │ │ └ Type: string (required) │ └ type Location │ ├ documentation: The AWS Region and Availability Zone where the domain was created (read-only). │ │ name: Location │ └ properties │ ├ AvailabilityZone: string │ └ RegionName: string ├[~] service aws-logs │ └ resources │ ├[~] resource AWS::Logs::Destination │ │ ├ - tagInformation: undefined │ │ │ + tagInformation: {"tagPropertyName":"Tags","variant":"standard"} │ │ └ properties │ │ └[+] Tags: Array<tag> │ └[~] resource AWS::Logs::LogGroup │ └ properties │ └[+] ResourcePolicyDocument: json ├[~] service aws-medialive │ └ resources │ └[~] resource AWS::MediaLive::Channel │ └ types │ ├[~] type MediaPackageGroupSettings │ │ └ properties │ │ └[+] MediapackageV2GroupSettings: MediaPackageV2GroupSettings │ ├[~] type MediaPackageOutputSettings │ │ ├ - documentation: undefined │ │ │ + documentation: The settings for a MediaPackage output. │ │ │ The parent of this entity is OutputSettings. │ │ └ properties │ │ └[+] MediaPackageV2DestinationSettings: MediaPackageV2DestinationSettings │ ├[+] type MediaPackageV2DestinationSettings │ │ ├ name: MediaPackageV2DestinationSettings │ │ └ properties │ │ ├ HlsDefault: string │ │ ├ AudioRenditionSets: string │ │ ├ AudioGroupId: string │ │ └ HlsAutoSelect: string │ └[+] type MediaPackageV2GroupSettings │ ├ name: MediaPackageV2GroupSettings │ └ properties │ └ CaptionLanguageMappings: Array<CaptionLanguageMapping> ├[~] service aws-mediapackagev2 │ └ resources │ ├[~] resource AWS::MediaPackageV2::Channel │ │ └ types │ │ └[~] type InputSwitchConfiguration │ │ └ properties │ │ └[+] PreferredInput: integer │ ├[~] resource AWS::MediaPackageV2::OriginEndpoint │ │ └ types │ │ └[~] type Encryption │ │ └ properties │ │ └[+] CmafExcludeSegmentDrmMetadata: boolean │ └[~] resource AWS::MediaPackageV2::OriginEndpointPolicy │ ├ properties │ │ └[+] CdnAuthConfiguration: CdnAuthConfiguration │ └ types │ └[+] type CdnAuthConfiguration │ ├ documentation: The settings to enable CDN authorization headers in MediaPackage. │ │ name: CdnAuthConfiguration │ └ properties │ ├ CdnIdentifierSecretArns: Array<string> (required) │ └ SecretsRoleArn: string (required) ├[~] service aws-opensearchserverless │ └ resources │ └[~] resource AWS::OpenSearchServerless::SecurityConfig │ └ types │ └[~] type SamlConfigOptions │ └ properties │ └ OpenSearchServerlessEntityId: (documentation changed) ├[~] service aws-opsworkscm │ └ resources │ └[~] resource AWS::OpsWorksCM::Server │ ├ - tagInformation: {"tagPropertyName":"Tags","variant":"standard"} │ │ + tagInformation: undefined │ ├ properties │ │ └[-] ServerName: string (immutable) │ └ attributes │ └[-] Id: string ├[~] service aws-quicksight │ └ resources │ └[~] resource AWS::QuickSight::Topic │ ├ properties │ │ └[+] CustomInstructions: CustomInstructions │ └ types │ └[+] type CustomInstructions │ ├ name: CustomInstructions │ └ properties │ └ CustomInstructionsString: string (required) ├[~] service aws-rds │ └ resources │ └[~] resource AWS::RDS::DBInstance │ ├ properties │ │ └[+] StatusInfos: Array<DBInstanceStatusInfo> │ ├ attributes │ │ ├[+] AutomaticRestartTime: string │ │ ├[+] PercentProgress: string │ │ ├[+] ResumeFullAutomationModeTime: string │ │ └[+] SecondaryAvailabilityZone: string │ └ types │ └[+] type DBInstanceStatusInfo │ ├ name: DBInstanceStatusInfo │ └ properties │ ├ Message: string │ ├ Normal: boolean │ ├ Status: string │ └ StatusType: string ├[~] service aws-s3 │ └ resources │ └[~] resource AWS::S3::AccessPoint │ ├ - tagInformation: undefined │ │ + tagInformation: {"tagPropertyName":"Tags","variant":"standard"} │ └ properties │ └[+] Tags: Array<tag> ├[~] service aws-s3express │ └ resources │ └[~] resource AWS::S3Express::AccessPoint │ ├ - tagInformation: undefined │ │ + tagInformation: {"tagPropertyName":"Tags","variant":"standard"} │ └ properties │ └[+] Tags: Array<tag> ├[~] service aws-sagemaker │ └ resources │ ├[~] resource AWS::SageMaker::Cluster │ │ ├ properties │ │ │ ├ InstanceGroups: - Array<ClusterInstanceGroup> (required) │ │ │ │ + Array<ClusterInstanceGroup> │ │ │ └[+] RestrictedInstanceGroups: Array<ClusterRestrictedInstanceGroup> │ │ └ types │ │ ├[~] type ClusterInstanceGroup │ │ │ └ properties │ │ │ └[+] TrainingPlanArn: string │ │ ├[+] type ClusterRestrictedInstanceGroup │ │ │ ├ documentation: Details of a restricted instance group in a SageMaker HyperPod cluster. │ │ │ │ name: ClusterRestrictedInstanceGroup │ │ │ └ properties │ │ │ ├ OverrideVpcConfig: VpcConfig (immutable) │ │ │ ├ InstanceCount: integer (required) │ │ │ ├ OnStartDeepHealthChecks: Array<string> │ │ │ ├ EnvironmentConfig: EnvironmentConfig (required) │ │ │ ├ InstanceGroupName: string (required, immutable) │ │ │ ├ InstanceStorageConfigs: Array<ClusterInstanceStorageConfig> │ │ │ ├ CurrentCount: integer │ │ │ ├ TrainingPlanArn: string │ │ │ ├ InstanceType: string (required, immutable) │ │ │ ├ ThreadsPerCore: integer (immutable) │ │ │ └ ExecutionRole: string (required, immutable) │ │ ├[+] type EnvironmentConfig │ │ │ ├ documentation: The configuration for the restricted instance groups (RIG) environment. │ │ │ │ name: EnvironmentConfig │ │ │ └ properties │ │ │ └ FSxLustreConfig: FSxLustreConfig │ │ └[+] type FSxLustreConfig │ │ ├ documentation: Configuration settings for an Amazon FSx for Lustre file system to be used with the cluster. │ │ │ name: FSxLustreConfig │ │ └ properties │ │ ├ SizeInGiB: integer (required) │ │ └ PerUnitStorageThroughput: integer (required) │ ├[~] resource AWS::SageMaker::Domain │ │ └ types │ │ ├[~] type CustomFileSystemConfig │ │ │ └ properties │ │ │ └[+] S3FileSystemConfig: S3FileSystemConfig │ │ ├[+] type S3FileSystemConfig │ │ │ ├ documentation: Configuration for the custom Amazon S3 file system. │ │ │ │ name: S3FileSystemConfig │ │ │ └ properties │ │ │ ├ MountPath: string │ │ │ └ S3Uri: string │ │ └[~] type UnifiedStudioSettings │ │ └ properties │ │ └ SingleSignOnApplicationArn: (documentation changed) │ ├[+] resource AWS::SageMaker::ProcessingJob │ │ ├ name: ProcessingJob │ │ │ cloudFormationType: AWS::SageMaker::ProcessingJob │ │ │ documentation: Resource Type definition for AWS::SageMaker::ProcessingJob │ │ │ tagInformation: {"tagPropertyName":"Tags","variant":"standard"} │ │ ├ properties │ │ │ ├ AppSpecification: AppSpecification (required, immutable) │ │ │ ├ Environment: Map<string, string> (immutable) │ │ │ ├ ExperimentConfig: ExperimentConfig (immutable) │ │ │ ├ NetworkConfig: NetworkConfig (immutable) │ │ │ ├ ProcessingInputs: Array<ProcessingInputsObject> (immutable) │ │ │ ├ ProcessingJobName: string (immutable) │ │ │ ├ ProcessingOutputConfig: ProcessingOutputConfig (immutable) │ │ │ ├ ProcessingResources: ProcessingResources (required, immutable) │ │ │ ├ RoleArn: string (required, immutable) │ │ │ ├ StoppingCondition: StoppingCondition (immutable) │ │ │ └ Tags: Array<tag> (immutable) │ │ ├ attributes │ │ │ ├ ProcessingJobArn: string │ │ │ ├ TrainingJobArn: string │ │ │ ├ AutoMLJobArn: string │ │ │ ├ ExitMessage: string │ │ │ ├ FailureReason: string │ │ │ ├ MonitoringScheduleArn: string │ │ │ ├ ProcessingJobStatus: string │ │ │ ├ CreationTime: string │ │ │ ├ LastModifiedTime: string │ │ │ ├ ProcessingStartTime: string │ │ │ └ ProcessingEndTime: string │ │ └ types │ │ ├ type AppSpecification │ │ │ ├ documentation: Configures the processing job to run a specified Docker container image. │ │ │ │ name: AppSpecification │ │ │ └ properties │ │ │ ├ ContainerArguments: Array<string> │ │ │ ├ ContainerEntrypoint: Array<string> │ │ │ └ ImageUri: string (required) │ │ ├ type AthenaDatasetDefinition │ │ │ ├ documentation: Configuration for Athena Dataset Definition input. │ │ │ │ name: AthenaDatasetDefinition │ │ │ └ properties │ │ │ ├ Catalog: string (required) │ │ │ ├ Database: string (required) │ │ │ ├ OutputS3Uri: string (required) │ │ │ ├ QueryString: string (required) │ │ │ ├ WorkGroup: string │ │ │ ├ OutputFormat: string (required) │ │ │ ├ KmsKeyId: string │ │ │ └ OutputCompression: string │ │ ├ type ClusterConfig │ │ │ ├ documentation: Configuration for the cluster used to run a processing job. │ │ │ │ name: ClusterConfig │ │ │ └ properties │ │ │ ├ InstanceCount: integer (required) │ │ │ ├ InstanceType: string (required) │ │ │ ├ VolumeSizeInGB: integer (required) │ │ │ └ VolumeKmsKeyId: string │ │ ├ type DatasetDefinition │ │ │ ├ documentation: Configuration for Dataset Definition inputs. The Dataset Definition input must specify exactly one of either `AthenaDatasetDefinition` or `RedshiftDatasetDefinition` types. │ │ │ │ name: DatasetDefinition │ │ │ └ properties │ │ │ ├ AthenaDatasetDefinition: AthenaDatasetDefinition │ │ │ ├ RedshiftDatasetDefinition: RedshiftDatasetDefinition │ │ │ ├ DataDistributionType: string │ │ │ ├ InputMode: string │ │ │ └ LocalPath: string │ │ ├ type ExperimentConfig │ │ │ ├ documentation: Associates a SageMaker job as a trial component with an experiment and trial. │ │ │ │ name: ExperimentConfig │ │ │ └ properties │ │ │ ├ ExperimentName: string │ │ │ ├ TrialName: string │ │ │ ├ TrialComponentDisplayName: string │ │ │ └ RunName: string │ │ ├ type FeatureStoreOutput │ │ │ ├ documentation: Configuration for processing job outputs in Amazon SageMaker Feature Store. │ │ │ │ name: FeatureStoreOutput │ │ │ └ properties │ │ │ └ FeatureGroupName: string (required) │ │ ├ type NetworkConfig │ │ │ ├ documentation: Networking options for a job, such as network traffic encryption between containers, whether to allow inbound and outbound network calls to and from containers, and the VPC subnets and security groups to use for VPC-enabled jobs. │ │ │ │ name: NetworkConfig │ │ │ └ properties │ │ │ ├ EnableInterContainerTrafficEncryption: boolean │ │ │ ├ EnableNetworkIsolation: boolean │ │ │ └ VpcConfig: VpcConfig │ │ ├ type ProcessingInputsObject │ │ │ ├ documentation: The inputs for a processing job. The processing input must specify exactly one of either S3Input or DatasetDefinition types. │ │ │ │ name: ProcessingInputsObject │ │ │ └ properties │ │ │ ├ S3Input: S3Input │ │ │ ├ DatasetDefinition: DatasetDefinition │ │ │ ├ InputName: string (required) │ │ │ └ AppManaged: boolean │ │ ├ type ProcessingOutputConfig │ │ │ ├ documentation: Configuration for uploading output from the processing container. │ │ │ │ name: ProcessingOutputConfig │ │ │ └ properties │ │ │ ├ KmsKeyId: string │ │ │ └ Outputs: Array<ProcessingOutputsObject> (required) │ │ ├ type ProcessingOutputsObject │ │ │ ├ documentation: Describes the results of a processing job. The processing output must specify exactly one of either S3Output or FeatureStoreOutput types. │ │ │ │ name: ProcessingOutputsObject │ │ │ └ properties │ │ │ ├ OutputName: string (required) │ │ │ ├ AppManaged: boolean │ │ │ ├ S3Output: S3Output │ │ │ └ FeatureStoreOutput: FeatureStoreOutput │ │ ├ type ProcessingResources │ │ │ ├ documentation: Identifies the resources, ML compute instances, and ML storage volumes to deploy for a processing job. In distributed training, you specify more than one instance. │ │ │ │ name: ProcessingResources │ │ │ └ properties │ │ │ └ ClusterConfig: ClusterConfig (required) │ │ ├ type RedshiftDatasetDefinition │ │ │ ├ documentation: Configuration for Redshift Dataset Definition input. │ │ │ │ name: RedshiftDatasetDefinition │ │ │ └ properties │ │ │ ├ Database: string (required) │ │ │ ├ DbUser: string (required) │ │ │ ├ QueryString: string (required) │ │ │ ├ ClusterId: string (required) │ │ │ ├ ClusterRoleArn: string (required) │ │ │ ├ OutputS3Uri: string (required) │ │ │ ├ OutputFormat: string (required) │ │ │ ├ KmsKeyId: string │ │ │ └ OutputCompression: string │ │ ├ type S3Input │ │ │ ├ documentation: Configuration for downloading input data from Amazon S3 into the processing container. │ │ │ │ name: S3Input │ │ │ └ properties │ │ │ ├ LocalPath: string │ │ │ ├ S3CompressionType: string │ │ │ ├ S3DataDistributionType: string │ │ │ ├ S3DataType: string (required) │ │ │ ├ S3InputMode: string │ │ │ └ S3Uri: string (required) │ │ ├ type S3Output │ │ │ ├ documentation: Configuration for uploading output data to Amazon S3 from the processing container. │ │ │ │ name: S3Output │ │ │ └ properties │ │ │ ├ LocalPath: string │ │ │ ├ S3UploadMode: string (required) │ │ │ └ S3Uri: string (required) │ │ ├ type StoppingCondition │ │ │ ├ documentation: Configures conditions under which the processing job should be stopped, such as how long the processing job has been running. After the condition is met, the processing job is stopped. │ │ │ │ name: StoppingCondition │ │ │ └ properties │ │ │ └ MaxRuntimeInSeconds: integer (required) │ │ └ type VpcConfig │ │ ├ documentation: Specifies an Amazon Virtual Private Cloud (VPC) that your SageMaker jobs, hosted models, and compute resources have access to. You can control access to and from your resources by configuring a VPC. For more information, see https://docs.aws.amazon.com/sagemaker/latest/dg/infrastructure-give-access.html │ │ │ name: VpcConfig │ │ └ properties │ │ ├ SecurityGroupIds: Array<string> (required) │ │ └ Subnets: Array<string> (required) │ ├[~] resource AWS::SageMaker::Space │ │ └ types │ │ ├[~] type CustomFileSystem │ │ │ └ properties │ │ │ └[+] S3FileSystem: S3FileSystem │ │ └[+] type S3FileSystem │ │ ├ documentation: A custom file system in Amazon S3. This is only supported in Amazon SageMaker Unified Studio. │ │ │ name: S3FileSystem │ │ └ properties │ │ └ S3Uri: string │ └[~] resource AWS::SageMaker::UserProfile │ └ types │ ├[~] type CustomFileSystemConfig │ │ └ properties │ │ └[+] S3FileSystemConfig: S3FileSystemConfig │ └[+] type S3FileSystemConfig │ ├ documentation: Configuration for the custom Amazon S3 file system. │ │ name: S3FileSystemConfig │ └ properties │ ├ MountPath: string │ └ S3Uri: string ├[~] service aws-ses │ └ resources │ ├[~] resource AWS::SES::ConfigurationSet │ │ ├ - tagInformation: undefined │ │ │ + tagInformation: {"tagPropertyName":"Tags","variant":"standard"} │ │ └ properties │ │ └[+] Tags: Array<tag> │ ├[~] resource AWS::SES::DedicatedIpPool │ │ ├ - tagInformation: undefined │ │ │ + tagInformation: {"tagPropertyName":"Tags","variant":"standard"} │ │ └ properties │ │ └[+] Tags: Array<tag> │ └[~] resource AWS::SES::EmailIdentity │ ├ - tagInformation: undefined │ │ + tagInformation: {"tagPropertyName":"Tags","variant":"standard"} │ └ properties │ └[+] Tags: Array<tag> ├[~] service aws-ssm │ └ resources │ └[~] resource AWS::SSM::PatchBaseline │ └ properties │ └ AvailableSecurityUpdatesComplianceStatus: (documentation changed) └[~] service aws-wisdom └ resources └[~] resource AWS::Wisdom::MessageTemplate ├ properties │ └ MessageTemplateAttachments: (documentation changed) └ types └[~] type MessageTemplateAttachment └ properties └ S3PresignedUrl: (documentation changed) ``` Co-authored-by: aws-cdk-automation <[email protected]>
…updates (#35176) Bumps the npm_and_yarn group with 1 update in the / directory: [esbuild](https://github.com/evanw/esbuild). Bumps the npm_and_yarn group with 1 update in the /tools/@aws-cdk/construct-metadata-updater directory: [esbuild](https://github.com/evanw/esbuild). Bumps the npm_and_yarn group with 1 update in the /tools/@aws-cdk/enum-updater directory: [tmp](https://github.com/raszi/node-tmp). Updates `esbuild` from 0.24.2 to 0.25.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/evanw/esbuild/releases">esbuild's releases</a>.</em></p> <blockquote> <h2>v0.25.0</h2> <p><strong>This release deliberately contains backwards-incompatible changes.</strong> To avoid automatically picking up releases like this, you should either be pinning the exact version of <code>esbuild</code> in your <code>package.json</code> file (recommended) or be using a version range syntax that only accepts patch upgrades such as <code>^0.24.0</code> or <code>~0.24.0</code>. See npm's documentation about <a href="https://docs.npmjs.com/cli/v6/using-npm/semver/">semver</a> for more information.</p> <ul> <li> <p>Restrict access to esbuild's development server (<a href="https://github.com/evanw/esbuild/security/advisories/GHSA-67mh-4wv8-2f99">GHSA-67mh-4wv8-2f99</a>)</p> <p>This change addresses esbuild's first security vulnerability report. Previously esbuild set the <code>Access-Control-Allow-Origin</code> header to <code>*</code> to allow esbuild's development server to be flexible in how it's used for development. However, this allows the websites you visit to make HTTP requests to esbuild's local development server, which gives read-only access to your source code if the website were to fetch your source code's specific URL. You can read more information in <a href="https://github.com/evanw/esbuild/security/advisories/GHSA-67mh-4wv8-2f99">the report</a>.</p> <p>Starting with this release, <a href="https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS">CORS</a> will now be disabled, and requests will now be denied if the host does not match the one provided to <code>--serve=</code>. The default host is <code>0.0.0.0</code>, which refers to all of the IP addresses that represent the local machine (e.g. both <code>127.0.0.1</code> and <code>192.168.0.1</code>). If you want to customize anything about esbuild's development server, you can <a href="https://esbuild.github.io/api/#serve-proxy">put a proxy in front of esbuild</a> and modify the incoming and/or outgoing requests.</p> <p>In addition, the <code>serve()</code> API call has been changed to return an array of <code>hosts</code> instead of a single <code>host</code> string. This makes it possible to determine all of the hosts that esbuild's development server will accept.</p> <p>Thanks to <a href="https://github.com/sapphi-red"><code>@sapphi-red</code></a> for reporting this issue.</p> </li> <li> <p>Delete output files when a build fails in watch mode (<a href="https://github.com/evanw/esbuild/issues/3643">#3643</a>)</p> <p>It has been requested for esbuild to delete files when a build fails in watch mode. Previously esbuild left the old files in place, which could cause people to not immediately realize that the most recent build failed. With this release, esbuild will now delete all output files if a rebuild fails. Fixing the build error and triggering another rebuild will restore all output files again.</p> </li> <li> <p>Fix correctness issues with the CSS nesting transform (<a href="https://github.com/evanw/esbuild/issues/3620">#3620</a>, <a href="https://github.com/evanw/esbuild/issues/3877">#3877</a>, <a href="https://github.com/evanw/esbuild/issues/3933">#3933</a>, <a href="https://github.com/evanw/esbuild/issues/3997">#3997</a>, <a href="https://github.com/evanw/esbuild/issues/4005">#4005</a>, <a href="https://github.com/evanw/esbuild/pull/4037">#4037</a>, <a href="https://github.com/evanw/esbuild/pull/4038">#4038</a>)</p> <p>This release fixes the following problems:</p> <ul> <li> <p>Naive expansion of CSS nesting can result in an exponential blow-up of generated CSS if each nesting level has multiple selectors. Previously esbuild sometimes collapsed individual nesting levels using <code>:is()</code> to limit expansion. However, this collapsing wasn't correct in some cases, so it has been removed to fix correctness issues.</p> <pre lang="css"><code>/* Original code */ .parent { > .a, > .b1 > .b2 { color: red; } } <p>/* Old output (with --supported:nesting=false) */<br /> .parent > :is(.a, .b1 > .b2) {<br /> color: red;<br /> }</p> <p>/* New output (with --supported:nesting=false) */<br /> .parent > .a,<br /> .parent > .b1 > .b2 {<br /> color: red;<br /> }<br /> </code></pre></p> <p>Thanks to <a href="https://github.com/tim-we"><code>@tim-we</code></a> for working on a fix.</p> </li> <li> <p>The <code>&</code> CSS nesting selector can be repeated multiple times to increase CSS specificity. Previously esbuild ignored this possibility and incorrectly considered <code>&&</code> to have the same specificity as <code>&</code>. With this release, this should now work correctly:</p> <pre lang="css"><code>/* Original code (color should be red) */ </code></pre> </li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/evanw/esbuild/blob/main/CHANGELOG-2024.md">esbuild's changelog</a>.</em></p> <blockquote> <h1>Changelog: 2024</h1> <p>This changelog documents all esbuild versions published in the year 2024 (versions 0.19.12 through 0.24.2).</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/evanw/esbuild/commit/e9174d671b1882758cd32ac5e146200f5bee3e45"><code>e9174d6</code></a> publish 0.25.0 to npm</li> <li><a href="https://github.com/evanw/esbuild/commit/c27dbebb9e7a55dd9a084dd151dddd840787490e"><code>c27dbeb</code></a> fix <code>hosts</code> in <code>plugin-tests.js</code></li> <li><a href="https://github.com/evanw/esbuild/commit/6794f602a453cf0255bcae245871de120a89a559"><code>6794f60</code></a> fix <code>hosts</code> in <code>node-unref-tests.js</code></li> <li><a href="https://github.com/evanw/esbuild/commit/de85afd65edec9ebc44a11e245fd9e9a2e99760d"><code>de85afd</code></a> Merge commit from fork</li> <li><a href="https://github.com/evanw/esbuild/commit/da1de1bf77a65f06654b49878d9ec4747ddaa21f"><code>da1de1b</code></a> fix <a href="https://github.com/evanw/esbuild/issues/4065">#4065</a>: bitwise operators can return bigints</li> <li><a href="https://github.com/evanw/esbuild/commit/f4e9d19fb20095a98bf40634f0380f6a16be91e7"><code>f4e9d19</code></a> switch case liveness: <code>default</code> is always last</li> <li><a href="https://github.com/evanw/esbuild/commit/7aa47c3e778ea04849f97f18dd9959df88fa0886"><code>7aa47c3</code></a> fix <a href="https://github.com/evanw/esbuild/issues/4028">#4028</a>: minify live/dead <code>switch</code> cases better</li> <li><a href="https://github.com/evanw/esbuild/commit/22ecd306190b8971ec4474b5485266c20350e266"><code>22ecd30</code></a> minify: more constant folding for strict equality</li> <li><a href="https://github.com/evanw/esbuild/commit/4cdf03c03697128044fa8fb76e5c478e9765b353"><code>4cdf03c</code></a> fix <a href="https://github.com/evanw/esbuild/issues/4053">#4053</a>: reordering of <code>.tsx</code> in <code>node_modules</code></li> <li><a href="https://github.com/evanw/esbuild/commit/dc719775b7140120916bd9e6777ca1cb8a1cdc0e"><code>dc71977</code></a> fix <a href="https://github.com/evanw/esbuild/issues/3692">#3692</a>: <code>0</code> now picks a random ephemeral port</li> <li>Additional commits viewable in <a href="https://github.com/evanw/esbuild/compare/v0.24.2...v0.25.0">compare view</a></li> </ul> </details> <br /> Updates `esbuild` from 0.24.2 to 0.25.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/evanw/esbuild/releases">esbuild's releases</a>.</em></p> <blockquote> <h2>v0.25.0</h2> <p><strong>This release deliberately contains backwards-incompatible changes.</strong> To avoid automatically picking up releases like this, you should either be pinning the exact version of <code>esbuild</code> in your <code>package.json</code> file (recommended) or be using a version range syntax that only accepts patch upgrades such as <code>^0.24.0</code> or <code>~0.24.0</code>. See npm's documentation about <a href="https://docs.npmjs.com/cli/v6/using-npm/semver/">semver</a> for more information.</p> <ul> <li> <p>Restrict access to esbuild's development server (<a href="https://github.com/evanw/esbuild/security/advisories/GHSA-67mh-4wv8-2f99">GHSA-67mh-4wv8-2f99</a>)</p> <p>This change addresses esbuild's first security vulnerability report. Previously esbuild set the <code>Access-Control-Allow-Origin</code> header to <code>*</code> to allow esbuild's development server to be flexible in how it's used for development. However, this allows the websites you visit to make HTTP requests to esbuild's local development server, which gives read-only access to your source code if the website were to fetch your source code's specific URL. You can read more information in <a href="https://github.com/evanw/esbuild/security/advisories/GHSA-67mh-4wv8-2f99">the report</a>.</p> <p>Starting with this release, <a href="https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS">CORS</a> will now be disabled, and requests will now be denied if the host does not match the one provided to <code>--serve=</code>. The default host is <code>0.0.0.0</code>, which refers to all of the IP addresses that represent the local machine (e.g. both <code>127.0.0.1</code> and <code>192.168.0.1</code>). If you want to customize anything about esbuild's development server, you can <a href="https://esbuild.github.io/api/#serve-proxy">put a proxy in front of esbuild</a> and modify the incoming and/or outgoing requests.</p> <p>In addition, the <code>serve()</code> API call has been changed to return an array of <code>hosts</code> instead of a single <code>host</code> string. This makes it possible to determine all of the hosts that esbuild's development server will accept.</p> <p>Thanks to <a href="https://github.com/sapphi-red"><code>@sapphi-red</code></a> for reporting this issue.</p> </li> <li> <p>Delete output files when a build fails in watch mode (<a href="https://github.com/evanw/esbuild/issues/3643">#3643</a>)</p> <p>It has been requested for esbuild to delete files when a build fails in watch mode. Previously esbuild left the old files in place, which could cause people to not immediately realize that the most recent build failed. With this release, esbuild will now delete all output files if a rebuild fails. Fixing the build error and triggering another rebuild will restore all output files again.</p> </li> <li> <p>Fix correctness issues with the CSS nesting transform (<a href="https://github.com/evanw/esbuild/issues/3620">#3620</a>, <a href="https://github.com/evanw/esbuild/issues/3877">#3877</a>, <a href="https://github.com/evanw/esbuild/issues/3933">#3933</a>, <a href="https://github.com/evanw/esbuild/issues/3997">#3997</a>, <a href="https://github.com/evanw/esbuild/issues/4005">#4005</a>, <a href="https://github.com/evanw/esbuild/pull/4037">#4037</a>, <a href="https://github.com/evanw/esbuild/pull/4038">#4038</a>)</p> <p>This release fixes the following problems:</p> <ul> <li> <p>Naive expansion of CSS nesting can result in an exponential blow-up of generated CSS if each nesting level has multiple selectors. Previously esbuild sometimes collapsed individual nesting levels using <code>:is()</code> to limit expansion. However, this collapsing wasn't correct in some cases, so it has been removed to fix correctness issues.</p> <pre lang="css"><code>/* Original code */ .parent { > .a, > .b1 > .b2 { color: red; } } <p>/* Old output (with --supported:nesting=false) */<br /> .parent > :is(.a, .b1 > .b2) {<br /> color: red;<br /> }</p> <p>/* New output (with --supported:nesting=false) */<br /> .parent > .a,<br /> .parent > .b1 > .b2 {<br /> color: red;<br /> }<br /> </code></pre></p> <p>Thanks to <a href="https://github.com/tim-we"><code>@tim-we</code></a> for working on a fix.</p> </li> <li> <p>The <code>&</code> CSS nesting selector can be repeated multiple times to increase CSS specificity. Previously esbuild ignored this possibility and incorrectly considered <code>&&</code> to have the same specificity as <code>&</code>. With this release, this should now work correctly:</p> <pre lang="css"><code>/* Original code (color should be red) */ </code></pre> </li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/evanw/esbuild/blob/main/CHANGELOG-2024.md">esbuild's changelog</a>.</em></p> <blockquote> <h1>Changelog: 2024</h1> <p>This changelog documents all esbuild versions published in the year 2024 (versions 0.19.12 through 0.24.2).</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/evanw/esbuild/commit/e9174d671b1882758cd32ac5e146200f5bee3e45"><code>e9174d6</code></a> publish 0.25.0 to npm</li> <li><a href="https://github.com/evanw/esbuild/commit/c27dbebb9e7a55dd9a084dd151dddd840787490e"><code>c27dbeb</code></a> fix <code>hosts</code> in <code>plugin-tests.js</code></li> <li><a href="https://github.com/evanw/esbuild/commit/6794f602a453cf0255bcae245871de120a89a559"><code>6794f60</code></a> fix <code>hosts</code> in <code>node-unref-tests.js</code></li> <li><a href="https://github.com/evanw/esbuild/commit/de85afd65edec9ebc44a11e245fd9e9a2e99760d"><code>de85afd</code></a> Merge commit from fork</li> <li><a href="https://github.com/evanw/esbuild/commit/da1de1bf77a65f06654b49878d9ec4747ddaa21f"><code>da1de1b</code></a> fix <a href="https://github.com/evanw/esbuild/issues/4065">#4065</a>: bitwise operators can return bigints</li> <li><a href="https://github.com/evanw/esbuild/commit/f4e9d19fb20095a98bf40634f0380f6a16be91e7"><code>f4e9d19</code></a> switch case liveness: <code>default</code> is always last</li> <li><a href="https://github.com/evanw/esbuild/commit/7aa47c3e778ea04849f97f18dd9959df88fa0886"><code>7aa47c3</code></a> fix <a href="https://github.com/evanw/esbuild/issues/4028">#4028</a>: minify live/dead <code>switch</code> cases better</li> <li><a href="https://github.com/evanw/esbuild/commit/22ecd306190b8971ec4474b5485266c20350e266"><code>22ecd30</code></a> minify: more constant folding for strict equality</li> <li><a href="https://github.com/evanw/esbuild/commit/4cdf03c03697128044fa8fb76e5c478e9765b353"><code>4cdf03c</code></a> fix <a href="https://github.com/evanw/esbuild/issues/4053">#4053</a>: reordering of <code>.tsx</code> in <code>node_modules</code></li> <li><a href="https://github.com/evanw/esbuild/commit/dc719775b7140120916bd9e6777ca1cb8a1cdc0e"><code>dc71977</code></a> fix <a href="https://github.com/evanw/esbuild/issues/3692">#3692</a>: <code>0</code> now picks a random ephemeral port</li> <li>Additional commits viewable in <a href="https://github.com/evanw/esbuild/compare/v0.24.2...v0.25.0">compare view</a></li> </ul> </details> <br /> Updates `tmp` from 0.2.3 to 0.2.4 <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/raszi/node-tmp/commit/08fa3abac32b621506512724b28b56b9c4a95846"><code>08fa3ab</code></a> Update version</li> <li><a href="https://github.com/raszi/node-tmp/commit/1cf4ec54180a77a2a95dc1941efa1659774c8787"><code>1cf4ec5</code></a> Merge commit from fork</li> <li><a href="https://github.com/raszi/node-tmp/commit/188b25e529496e37adaf1a1d9dccb40019a08b1b"><code>188b25e</code></a> Fix GHSA-52f5-9888-hmc6</li> <li><a href="https://github.com/raszi/node-tmp/commit/73b9fe45bbb40157acdfab8126dd0911de91c8fa"><code>73b9fe4</code></a> Add test case for GHSA-52f5-9888-hmc6</li> <li><a href="https://github.com/raszi/node-tmp/commit/b8e2f29a7575352e49e4882a836aab4bd2ec927f"><code>b8e2f29</code></a> Remove broken tests</li> <li><a href="https://github.com/raszi/node-tmp/commit/2892a027b4d2d3a25d1d08a398bc108a0200857f"><code>2892a02</code></a> Remove outdated URL</li> <li><a href="https://github.com/raszi/node-tmp/commit/f5923182461a89e9de5a7a09c75f410a76979ae7"><code>f592318</code></a> Reformat package.json</li> <li><a href="https://github.com/raszi/node-tmp/commit/995ac8cc45867b44babdf232a1ab0a3bb1d25d95"><code>995ac8c</code></a> Merge pull request <a href="https://github.com/raszi/node-tmp/issues/301">#301</a> from raszi/dependabot/npm_and_yarn/braces-3.0.3</li> <li><a href="https://github.com/raszi/node-tmp/commit/caa758d7b55783c1e9abcb34695fdb9a812c30b7"><code>caa758d</code></a> Bump braces from 3.0.2 to 3.0.3</li> <li>See full diff in <a href="https://github.com/raszi/node-tmp/compare/v0.2.3...v0.2.4">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/aws/aws-cdk/network/alerts). </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
This change has been made by @ozelalisen from the Mergify Queue Rule Configurator. Mergify does not sync branch protection rules. Overall disabling won't hurt because we have the same checks exist in mergify config already and branch protection rules won't even allow direct merge. It is already duplicate rule checking to include branch protection rules in mergify. --------- Signed-off-by: Alisen Berat Ozel <null> Co-authored-by: Jorge Diaz <[email protected]>
…cing default values (#35156) Updates documentation to reflect ECS change in default behavior for the `AvailabilityZoneRebalancing` property: - For create service requests, when no value is specified for AvailabilityZoneRebalancing, Amazon ECS defaults to ENABLED if the ECS service is compatible with AvailabilityZoneRebalancing. If the ECS service is not compatible with AvailabilityZoneRebalancing, Amazon ECS defaults to DISABLED. - For update service requests, when no value is specified for AvailabilityZoneRebalancing, Amazon ECS defaults to the existing service’s AvailabilityZoneRebalancing value. If the service never had an AvailabilityZoneRebalancing value set, Amazon ECS treats this as DISABLED. ### Issue # (if applicable) Closes #<issue number here>. ### Reason for this change <!--What is the bug or use case behind this change?--> ### Description of changes <!-- What code changes did you make? Why do these changes address the issue? What alternatives did you consider and reject? What design decisions have you made? --> ### Describe any new or updated permissions being added <!-- What new or updated IAM permissions are needed to support the changes being introduced? --> ### Description of how you validated changes <!-- Have you added any unit tests and/or integration tests? Did you test by hand? --> ### Checklist - [X] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
aws-cdk-automation
added
auto-approve
pr/no-squash
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
vishaalmehrishi
added
the
pr/do-not-merge
vishaalmehrishi
removed
the
pr/do-not-merge
vishaalmehrishi
approved these changes
Aug 12, 2025
|
@Mergifyio refresh |
✅ Pull request refreshed |
|
The PR build has succeeded, but the status is not reflecting in the PR checks. |
|
Comments on closed issues and PRs are hard for our team to see. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
12 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
See CHANGELOG