build(deps-dev): bump aws-cdk-lib from 2.76.0 to 2.78.0

[dependabot[bot]]

Bumps aws-cdk-lib from 2.76.0 to 2.78.0.

Release notes

Sourced from aws-cdk-lib's releases.

v2.78.0

Features

• appsync: L2 construct for EventBridge DataSource. (#25369) (a0ad49d), closes #24809
• cfnspec: cloudformation spec v120.0.0 (#25354) (9096602)
• codebuild: add support for aws/codebuild/amazonlinux2-aarch64-standard:3.0 (#25351) (0d187c1), closes #25334
• ec2: Prefixlist Constructs (#25252) (b2dfac0), closes #24714
• ec2: restrict access to default security group (under feature flag) (#25297) (d8272ef), closes /docs.aws.amazon.com/securityhub/latest/userguide/ec2-controls.html#ec2-2 #19394
• events: Validate events rule name (#25366) (5bdb012), closes #25352
• rds: add missing PerformanceInsightRetention options (#25347) (1dbae20)

Bug Fixes

• api-gateway: add validation to variables property on Stage resource (#25267) (04427e3), closes #3635
• apigateway: cannot use requestValidatorOptions multiple times (under feature flag) (#25324) (2a49fd1), closes #7613
• batch: ManagedEc2EcsComputeEnvironment instance role missing managed policy (#25279) (c81d115), closes #25256
• batch: JobQueue uses wrong id for underlying CfnJobQueue (#25269) (4cbb790), closes #25248
• core: output folder checksum is computed unnecessarily (#25392) (f2294ba)
• ecs: Allow scheduling DAEMON services even if no EC2 capacity attached to cluster (#25306) (#25328) (96bb8ce)
• elasticloadbalancingv2: the bucket policy for ELB access logging is too permissive (#25345) (748e685), closes /docs.aws.amazon.com/securityhub/latest/userguide/s3-controls.html#s3-6
• iam: Role.fromRoleName fails on AWS created roles (#25389) (4c9ce9b)
• integ-tests: allow multiple AwsApiCalls with the same action and different parameters (#25241) (75967e1), closes #25014
• s3-deployment: doesn't work in ADC regions (#25363) (432af34)
• dns-validated-cert cr doesn't use node16 (#25348) (ad71026), closes #25335

---

Alpha modules (2.78.0-alpha.0)

v2.77.0

Features

• custom-resource: upgrade builtin custom resource runtime version to Node 16 (#24916) (6f7c4b5)
• custom-resource: expose removalPolicy (#25235) (79881c5), closes #25220
• ecs-patterns: Tagging support for scheduled tasks (#25222) (6da4eba), closes #23838 #25106
• eks: support for Kubernetes version 1.26 (#25088) (792e3f2), closes #25087
• lambda: Java 17 runtime (#25240) (5573025)
• lambda-event-sources: Add eventsourceMappingArn to IEventSourceMapping (#24991) (ecd7374), closes #24801
• pipelines: added logging as option for codeBuildDefaults prop on CodePipeline construct (#25266) (d479b4d), closes #22045 #22045
• s3-deployment: implement new signContent option (#24713) (5a836cb), closes #24711
• stepfunctions-tasks: add elasticmapreduce:AddTags permission for EmrCreateCluster state with tags (#24856) (81beab3), closes #24842

Bug Fixes

• cli: diff doesn't display paths for removed resources (#25294) (9bf63ed)
• pipelines: CodeBuild Action role can be assumed by too many identities (#25316) (90cb79f)
• log buckets don't have acls enabled (#25303) (0e9440b), closes #25288
• apigatewayv2: does not work in non-aws partition (#25284) (706dc89)
• appmesh: add missing port property (#25112) (925c9ba), closes #22452
• backup: BackupVault.fromBackupVaultArn parses wrong arn format (#25259) (c2082a7), closes #25212

... (truncated)

Changelog

Sourced from aws-cdk-lib's changelog.

2.78.0 (2023-05-03)

Features

• appsync: L2 construct for EventBridge DataSource. (#25369) (a0ad49d), closes #24809
• cfnspec: cloudformation spec v120.0.0 (#25354) (9096602)
• codebuild: add support for aws/codebuild/amazonlinux2-aarch64-standard:3.0 (#25351) (0d187c1), closes #25334
• ec2: Prefixlist Constructs (#25252) (b2dfac0), closes #24714
• ec2: restrict access to default security group (under feature flag) (#25297) (d8272ef), closes /docs.aws.amazon.com/securityhub/latest/userguide/ec2-controls.html#ec2-2 #19394
• events: Validate events rule name (#25366) (5bdb012), closes #25352
• rds: add missing PerformanceInsightRetention options (#25347) (1dbae20)

Bug Fixes

• api-gateway: add validation to variables property on Stage resource (#25267) (04427e3), closes #3635
• apigateway: cannot use requestValidatorOptions multiple times (under feature flag) (#25324) (2a49fd1), closes #7613
• batch: ManagedEc2EcsComputeEnvironment instance role missing managed policy (#25279) (c81d115), closes #25256
• batch: JobQueue uses wrong id for underlying CfnJobQueue (#25269) (4cbb790), closes #25248
• core: output folder checksum is computed unnecessarily (#25392) (f2294ba)
• ecs: Allow scheduling DAEMON services even if no EC2 capacity attached to cluster (#25306) (#25328) (96bb8ce)
• elasticloadbalancingv2: the bucket policy for ELB access logging is too permissive (#25345) (748e685), closes /docs.aws.amazon.com/securityhub/latest/userguide/s3-controls.html#s3-6
• iam: Role.fromRoleName fails on AWS created roles (#25389) (4c9ce9b)
• integ-tests: allow multiple AwsApiCalls with the same action and different parameters (#25241) (75967e1), closes #25014
• s3-deployment: doesn't work in ADC regions (#25363) (432af34)
• dns-validated-cert cr doesn't use node16 (#25348) (ad71026), closes #25335

2.77.0 (2023-04-26)

Features

• upgrade default CR runtime version (#24916) (6f7c4b5)
• custom-resource: expose removalPolicy (#25235) (79881c5), closes #25220
• ecs-patterns: Tagging support for scheduled tasks (#25222) (6da4eba), closes #23838 #25106
• eks: support for Kubernetes version 1.26 (#25088) (792e3f2), closes #25087
• lambda: Java 17 runtime (#25240) (5573025)
• lambda-event-sources: Add eventsourceMappingArn to IEventSourceMapping (#24991) (ecd7374), closes #24801
• pipelines: added logging as option for codeBuildDefaults prop on CodePipeline construct (#25266) (d479b4d), closes #22045 #22045
• s3-deployment: implement new signContent option (#24713) (5a836cb), closes #24711
• stepfunctions-tasks: add elasticmapreduce:AddTags permission for EmrCreateCluster state with tags (#24856) (81beab3), closes #24842

Bug Fixes

• cli: diff doesn't display paths for removed resources (#25294) (9bf63ed)
• pipelines: CodeBuild Action role can be assumed by too many identities (#25316) (90cb79f)
• log buckets don't have acls enabled (#25303) (0e9440b), closes #25288
• apigatewayv2: does not work in non-aws partition (#25284) (706dc89)

... (truncated)

Commits

• 8e95c37 chore(release): 2.78.0 (#25419)
• baf14fb chore(release): 2.78.0
• a0ad49d feat(appsync): L2 construct for EventBridge DataSource. (#25369)
• 96bb8ce fix(ecs): Allow scheduling DAEMON services even if no EC2 capacity attached t...
• 432af34 fix(s3-deployment): doesn't work in ADC regions (#25363)
• 8c0de6d chore: upgrade dependencies to remove vm2 vulnerability (#25355)
• 04323c4 chore(integ-runner): removing cdk-cli-wrapper peer dependency (#25401)
• d8272ef feat(ec2): restrict access to default security group (under feature flag) (#2...
• 04427e3 fix(api-gateway): add validation to variables property on Stage resource ...
• 4c9ce9b fix(iam): Role.fromRoleName fails on AWS created roles (#25389)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)