build(deps): bump aws-cdk-lib from 2.69.0 to 2.72.0

[dependabot[bot]]

Bumps aws-cdk-lib from 2.69.0 to 2.72.0.

Release notes

Sourced from aws-cdk-lib's releases.

v2.72.0

⚠ BREAKING CHANGES TO EXPERIMENTAL FEATURES

• cdk-lib: The return type of aws-cdk-lib.aws_ec2.SecurityGroup.determineRuleScope was changed from a tuple ([SecurityGroupBase, string]) to a struct with the same values, because tuple types are not supported over the jsii interoperability layer, but jsii@v1 was incorrectly allowing this to be represented as the JSON primitive type. This made the API unusable in non-JS languages. The type of the metadata property of aws-cdk-lib.aws_s3_deployment.BucketDeploymentProps was changed from an index-only struct to an inline map, because jsii@v1 silently ignored the index signature (which is otherwise un-supported), resulting in an empty object in non-JS/TS languages. As a consequence, the values of that map can no longer be undefined (as jsii does not currently support nullable elements in collections).

Features

• apprunner-alpha: support autoDeploymentsEnabled flag for Service (#24612) (cf5a9c4), closes #24529
• cfnspec: cloudformation spec v117.0.0 (#24779) (1b94ea6)
• cfnspec: cloudformation spec v117.0.0 (#24841) (84630e9)
• cloudfront-origins: allow custom originPath for apigateway.RestApi constructs (#24023) (bc3db02)
• core: template validation after synthesis (#23951) (20aeb0f)
• dynamodb: adds deletion protection for tables (#24581) (6e400a9), closes #24540
• ecs: support pseudo terminal allocation in container definition (#24790) (3c0756a)
• efs: implement IResourceWithPolicy (#24453) (5771d79), closes #15805
• kms: Adds support for hmac and sm2 key spec (#23866) (f2f3c21), closes #23727
• s3: add allowedActionPatterns parameter to grantWrite (#24211) (5b5c36f), closes #24074
• s3-deployment: added Source.dataYaml helper function (#24579) (d969ddf), closes #24554
• added AllViewerExceptHostHeader as new OriginRequest policy (#24562) (8dbca12), closes #24552

Bug Fixes

• bootstrap: ECR repository produces Security Hub finding [ECR.3] because of missing lifecycle policy (#24735) (cdfa970)
• cli: cdk deploy output hook failure reason if cloudformation failed by hook (#24444) (9d4b66a)
• cli: pathMetadata and assetMetadata defaults cannot be configured in cdk.json (#24533) (45bc57a), closes #3573
• dynamodb: add missing iam permissions to custom resource for deleting dynamodb replica table (#24682) (f35b70b), closes #22069
• ec2: tokenised subnet.subnetId filtered by the SubnetIdSubnetFilter returns an empty array (#24625) (d0912ca), closes #24427
• ec2: VPC Flow Log record fields are not available (#24812) (65fb7a6), closes #24807
• ecs: cpu in container definition may be less than total cpu allocated to the container (#24647) (dc064be), closes #24629
• lambda-nodejs: pnpm no longer supports nodejs14.x (#24821) (b1c9ab2)
• logs-destinations: missing dependency to Permission Policy created by LambdaDestination (#24823) (72b3a95), closes #21941 aws/aws-cdk#22100
• logs-destinations: missing dependency to Policy created by KinesisDestination (#24811) (3c98d1e), closes #21827 aws/aws-cdk#21827
• s3-deployment: physical id not set during failure scenario (#24428) (be4be99), closes #22670
• stepfunctions-tasks: updated EMR service role to use AmazonEMRServicePolicy_v2 (under feature flag) (#23985) (f3fd183), closes #23915

Miscellaneous Chores

• cdk-lib: migrate to jsii@5.0 / jsii-rosetta@5.0 (#24425) (6d581d7)

---

Alpha modules (2.72.0-alpha.0)

⚠ BREAKING CHANGES TO EXPERIMENTAL FEATURES

• servicecatalogappregistry: This commit involves share replacement during the deployment of ApplicationAssociator due to share construct id update. After this change, frequent share replacements due to structural change in Application construct should be avoided. Application.shareApplication starts to require construct id (first argument) and share name (added in ShareOption) as input.
• ivs: Renamed ChannelProps.name to ChannelProps.channelName
• Renamed PlaybackKeyPairProps.name to PlaybackKeyPairProps.playbackKeyPairName
• Channel now generates a physical name if one is not provided
• PlaybackKeyPair now generates a physical name if one is not provided

... (truncated)

Changelog

Sourced from aws-cdk-lib's changelog.

2.72.0 (2023-03-29)

⚠ BREAKING CHANGES TO EXPERIMENTAL FEATURES

• cdk-lib: The return type of aws-cdk-lib.aws_ec2.SecurityGroup.determineRuleScope was changed from a tuple ([SecurityGroupBase, string]) to a struct with the same values, because tuple types are not supported over the jsii interoperability layer, but jsii@v1 was incorrectly allowing this to be represented as the JSON primitive type. This made the API unusable in non-JS languages. The type of the metadata property of aws-cdk-lib.aws_s3_deployment.BucketDeploymentProps was changed from an index-only struct to an inline map, because jsii@v1 silently ignored the index signature (which is otherwise un-supported), resulting in an empty object in non-JS/TS languages. As a consequence, the values of that map can no longer be undefined (as jsii does not currently support nullable elements in collections).

Features

• apprunner-alpha: support autoDeploymentsEnabled flag for Service (#24612) (cf5a9c4), closes #24529
• cfnspec: cloudformation spec v117.0.0 (#24779) (1b94ea6)
• cfnspec: cloudformation spec v117.0.0 (#24841) (84630e9)
• cloudfront-origins: allow custom originPath for apigateway.RestApi constructs (#24023) (bc3db02)
• core: template validation after synthesis (#23951) (20aeb0f)
• dynamodb: adds deletion protection for tables (#24581) (6e400a9), closes #24540
• ecs: support pseudo terminal allocation in container definition (#24790) (3c0756a)
• efs: implement IResourceWithPolicy (#24453) (5771d79), closes #15805
• kms: Adds support for hmac and sm2 key spec (#23866) (f2f3c21), closes #23727
• s3: add allowedActionPatterns parameter to grantWrite (#24211) (5b5c36f), closes #24074
• s3-deployment: added Source.dataYaml helper function (#24579) (d969ddf), closes #24554
• added AllViewerExceptHostHeader as new OriginRequest policy (#24562) (8dbca12), closes #24552

Bug Fixes

• bootstrap: ECR repository produces Security Hub finding [ECR.3] because of missing lifecycle policy (#24735) (cdfa970)
• cli: cdk deploy output hook failure reason if cloudformation failed by hook (#24444) (9d4b66a)
• cli: pathMetadata and assetMetadata defaults cannot be configured in cdk.json (#24533) (45bc57a), closes #3573
• dynamodb: add missing iam permissions to custom resource for deleting dynamodb replica table (#24682) (f35b70b), closes #22069
• ec2: tokenised subnet.subnetId filtered by the SubnetIdSubnetFilter returns an empty array (#24625) (d0912ca), closes #24427
• ec2: VPC Flow Log record fields are not available (#24812) (65fb7a6), closes #24807
• ecs: cpu in container definition may be less than total cpu allocated to the container (#24647) (dc064be), closes #24629
• lambda-nodejs: pnpm no longer supports nodejs14.x (#24821) (b1c9ab2)
• logs-destinations: missing dependency to Permission Policy created by LambdaDestination (#24823) (72b3a95), closes #21941 aws/aws-cdk#22100
• logs-destinations: missing dependency to Policy created by KinesisDestination (#24811) (3c98d1e), closes #21827 aws/aws-cdk#21827
• s3-deployment: physical id not set during failure scenario (#24428) (be4be99), closes #22670
• stepfunctions-tasks: updated EMR service role to use AmazonEMRServicePolicy_v2 (under feature flag) (#23985) (f3fd183), closes #23915

Miscellaneous Chores

• cdk-lib: migrate to jsii@5.0 / jsii-rosetta@5.0 (#24425) (6d581d7)

2.71.0 (2023-03-29)

Features

• core: template validation after synthesis (#23951) (91d6509)

... (truncated)

Commits

• 397e46c chore(release): 2.72.0 (#24853)
• 2615ac4 chore(release): 2.72.0
• 9ae6b11 Merge pull request #24850 from aws/merge-back/2.71.0
• 08c191d Merge branch 'main' into merge-back/2.71.0
• 4faf92a chore: record cdk8s usage in stack metadata (#24849)
• 4eeb2c6 Merge branch 'main' into merge-back/2.71.0
• 65e6a61 chore(release): 2.71.0 (#24845)
• 205a6a5 chore(release): 2.71.0
• 1cf3edf chore(lambda-nodejs): pin pnpm version to 7 (#24837)
• 84630e9 feat(cfnspec): cloudformation spec v117.0.0 (#24841)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot[bot]]

Superseded by #3016.