Sourced from aws-cdk-lib's releases.

v2.196.0

⚠ BREAKING CHANGES TO EXPERIMENTAL FEATURES

• cloudformation: Some L1 resources experienced breaking changes due to updated CloudFormation resources. Please check the notes for each specific module for more information.
• Logs: The type of property DeliveryDestinationPolicy of resource AWS::Logs::DeliveryDestination changed to be DestinationPolicy instead of JSON.

Features

• apigatewayv2: add dualstack support to domain name (#34111) (8aa2f81), closes #34054 /docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigatewayv2-domainname-domainnameconfiguration.html#cfn-apigatewayv2
• cloudformation: update L1 CloudFormation resource definitions (#34425) (6460ffe)
• ecs: throw ValidationErrors instead of untyped errors (#34427) (5cfea39), closes #32569
• eks: throw ValidationErrors instead of untyped errors (#34428) (2e7c55b), closes #32569
• elasticloadbalancingv2: add support for multi-value headers in Lambda target groups (#34298) (c8b98e7)
• elasticsearch: throw ValidationErrors instead of untyped errors (#34429) (13d9645), closes #32569
• events-targets: throw ValidationErrors instead of untyped errors (#34430) (e493cc8), closes #32569
• globalaccelerator: throw ValidationErrors instead of untyped errors (#34426) (5ee092a), closes #32569
• kms: throw ValidationErrors instead of untyped errors (#34431) (10756c1), closes #32569
• opensearchservice: throw ValidationErrors instead of untyped errors (#34432) (5509923), closes #32569
• rds: add Aurora MySQL versions 2.11.6, 2.12.5, 3.04.4 (#34443) (d03e856)
• region-info: update Metadata regions (#34414) (957d8e3)
• route53: add cidrRoutingConfig property (#34301) (5cd82f5)
• s3-tables: add KMS support for TableBucket L2 construct (#34281) (ac0e4ca)
• scheduler: throw ValidationErrors instead of untyped errors (#34434) (bc7c4e8), closes #32569
• servicediscovery: throw ValidationErrors instead of untyped errors (#34435) (28048b3), closes #32569
• ses: https policy for custom tracking domain (#34314) (60d7aea)
• sns-subscriptions: throw ValidationErrors instead of untyped errors (#34436) (98e352d), closes #32569
• stepfunctions: ResultWriter support JSONPath/JSONata bucket (#33793) (8a5aecb), closes #32687
• stepfunctions: add parameters to parallel state (#34131) (0f71ee1), closes #32791
• property injectors and make all L2 Constructors injectable (#34419) (4dc523f)
• stepfunctions: throw ValidationErrors instead of untyped errors (#34438) (e828389), closes #32569
• support healthCheckGracePeriod in QueueProcessingFargateService (#34231) (ae0c7b7), closes #34220
• synthetics: add 5.0 and 5.1 python canary runtimes (#34254) (639b883), closes #34252

Bug Fixes

• cloudwatch-actions: lambda permission use unique prefix id (#34269) (9ddc00a), closes #33958
• eks: eks cluster name exceeding the limit of 100 characters (#34449) (5197882)
• s3: updating blockPublicAccess to enable default true settings (under feature flag) (#33702) (904e3a3), closes #32811 40aws-cdk-testing/framework-integ/test/aws-s3/test/integ.bucket-block-access.ts#L1-L42

---

Alpha modules (2.196.0-alpha.0)

Features

• msk: support Kafka versions 3.9.x and 3.9.x Kraft (#34213) (a1226db)
• pipes-targets: add SNS (#34159) (2f846b3)
• s3tables: server-side encryption by customer managed KMS key (#34229) (488f0db)

Bug Fixes

... (truncated)

Sourced from aws-cdk-lib's changelog.

Changelog

All notable changes to this project will be documented in this file. See standard-version for commit guidelines.

2.196.0-alpha.0 (2025-05-15)

Features

• msk: support Kafka versions 3.9.x and 3.9.x Kraft (#34213) (a1226db)
• pipes-targets: add SNS (#34159) (2f846b3)
• s3tables: server-side encryption by customer managed KMS key (#34229) (488f0db)

Bug Fixes

• ec2: dual-stack vpc without private subnets creates EgressOnlyInternetGateway (under feature flag) (#34437) (35e818b), closes #30981
• ec2-alpha: fix resource id references and tags for migration behind feature flag (#34377) (aa73534)

2.195.0-alpha.0 (2025-05-07)

⚠ BREAKING CHANGES TO EXPERIMENTAL FEATURES

• iot: By default, deviceDertificateAgeCheck is automatically enabled.

Features

• iot: device certificate age check audit configuration (#33816) (9ad383d)
• location: support L2 API Key Construct (#32733) (d867878), closes #30684

Bug Fixes

• amplify-alpha: example code for adding a custom rule is wrong (#34353) (8ab2606), closes #34351

2.194.0-alpha.0 (2025-05-01)

2.193.0-alpha.0 (2025-04-30)

Features

• pipes-targets-alpha: support Amazon Data Firehose target (#33860) (ebf1ea2)

2.192.0-alpha.0 (2025-04-24)

Features

... (truncated)

• 15e174e fix fixtures
• 3301ecc fix fixtures
• 9d7a388 keep PropertyInjectableConstructConstructor private
• 31008b5 fix exporting and importing prop-injectable
• 8ee4427 chore: update analytics metadata blueprints
• e1764f4 chore(release): 2.196.0
• 60d7aea feat(ses): https policy for custom tracking domain (#34314)
• 2cd737d chore: yarn upgrade dependencies requiring intervention (#34440)
• 40e8c26 chore: update metadata_updater to skip some L2 constructs from being injectab...
• 35e818b fix(ec2): dual-stack vpc without private subnets creates EgressOnlyInternetG...
• Additional commits viewable in compare view

• adf1d77 fix(deps): bump awscli from 1.40.7 to 1.40.12 (#1219)
• 677db6a fix(deps): bump awscli from 1.40.2 to 1.40.7 (#1215)
• 9f3ccb2 fix(deps): bump awscli from 1.38.37 to 1.40.2 (#1211)
• a752724 chore: update python image version (#1213)
• e706a81 chore(deps): upgrade dev dependencies (#1212)
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions