Update dependency aws-sdk to v2.814.0 [SECURITY]

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Age	Confidence
aws-sdk	2.696.0 → 2.814.0

---

Prototype Pollution via file load in aws-sdk and @​aws-sdk/shared-ini-file-loader

CVE-2020-28472 / GHSA-rrc9-gqf8-8rwg

More information

Details

This affects the package @​aws-sdk/shared-ini-file-loader before 1.0.0-rc.9; the package aws-sdk before 2.814.0. If an attacker submits a malicious INI file to an application that parses it with loadSharedConfigFiles , they will pollute the prototype on the application. This can be exploited further depending on the context.

Severity

• CVSS Score: 7.3 / 10 (High)
• Vector String: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

References

• https://nvd.nist.gov/vuln/detail/CVE-2020-28472
• https://github.com/aws/aws-sdk-js/pull/3585/commits/7d72aff2a941173733fcb6741b104cd83d3bc611
• https://github.com/aws/aws-sdk-js-v3/commit/a209082dff913939672bb069964b33aa4c5409a9
• https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1059426
• https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1059425
• https://snyk.io/vuln/SNYK-JS-AWSSDK-1059424
• https://snyk.io/vuln/SNYK-JS-AWSSDKSHAREDINIFILELOADER-1049304
• https://github.com/advisories/GHSA-rrc9-gqf8-8rwg

This data is provided by the GitHub Advisory Database (CC-BY 4.0).

---

Release Notes

aws/aws-sdk-js (aws-sdk)

v2.814.0

Compare Source

• bugfix: Credentials: SDK will throw if shared ini file's profile name can be resolved to proto
• feature: EC2: EBS io2 volumes now supports Multi-Attach
• feature: PersonalizeRuntime: Updated FilterValues regex pattern to align with Filter Expression.
• feature: RDS: Adds IAM DB authentication information to the PendingModifiedValues output of the DescribeDBInstances API. Adds ClusterPendingModifiedValues information to the output of the DescribeDBClusters API.

v2.813.0

Compare Source

• feature: ConfigService: Adding PutExternalEvaluation API which grants permission to deliver evaluation result to AWS Config
• feature: DLM: Provide Cross-account copy event based policy support in DataLifecycleManager (DLM)
• feature: EC2: C6gn instances are powered by AWS Graviton2 processors and offer 100 Gbps networking bandwidth. These instances deliver up to 40% better price-performance benefit versus comparable x86-based instances
• feature: Imagebuilder: This release adds support for building and distributing container images within EC2 Image Builder.
• feature: KMS: Added CreationDate and LastUpdatedDate timestamps to ListAliases API response
• feature: Route53: This release adds support for DNSSEC signing in Amazon Route 53.
• feature: Route53Resolver: Route 53 Resolver adds support for enabling resolver DNSSEC validation in virtual private cloud (VPC).
• feature: SQS: Amazon SQS adds queue attributes to enable high throughput FIFO.
• feature: ServiceCatalog: Support TagOptions sharing with Service Catalog portfolio sharing.

v2.812.0

Compare Source

• feature: CostExplorer: This release updates the "MonitorArnList" from a list of String to be a list of Arn for both CreateAnomalySubscription and UpdateAnomalySubscription APIs
• feature: Location: Initial release of Amazon Location Service. A new geospatial service providing capabilities to render maps, geocode/reverse geocode, track device locations, and detect geofence entry/exit events.
• feature: QuickSight: QuickSight now supports connecting to federated data sources of Athena
• feature: WellArchitected: This is the first release of AWS Well-Architected Tool API support, use to review your workload and compare against the latest AWS architectural best practices.

v2.811.0

Compare Source

• feature: Amp: (New Service) Amazon Managed Service for Prometheus is a fully managed Prometheus-compatible monitoring service that makes it easy to monitor containerized applications securely and at scale.
• feature: GreengrassV2: AWS IoT Greengrass V2 is a new major version of AWS IoT Greengrass. This release adds several updates such as modular components, continuous deployments, and improved ease of use.
• feature: IoTAnalytics: FileFormatConfiguration enables data store to save data in JSON or Parquet format. S3Paths enables you to specify the S3 objects that save your channel messages when you reprocess the pipeline.
• feature: IoTFleetHub: AWS IoT Fleet Hub, a new feature of AWS IoT Device Management that provides a web application for monitoring and managing device fleets connected to AWS IoT at scale.
• feature: IoTWireless: AWS IoT for LoRaWAN enables customers to setup a private LoRaWAN network by connecting their LoRaWAN devices and gateways to the AWS cloud without managing a LoRaWAN Network Server.
• feature: Iot: AWS IoT Rules Engine adds Kafka Action that allows sending data to Apache Kafka clusters inside a VPC. AWS IoT Device Defender adds custom metrics and machine-learning based anomaly detection.
• feature: IotDeviceAdvisor: AWS IoT Core Device Advisor is fully managed test capability for IoT devices. Device manufacturers can use Device Advisor to test their IoT devices for reliable and secure connectivity with AWS IoT.
• feature: Lambda: Added support for Apache Kafka as a event source. Added support for TumblingWindowInSeconds for streams event source mappings. Added support for FunctionResponseTypes for streams event source mappings
• feature: SSM: Adding support for Change Manager API content

v2.810.0

Compare Source

• feature: DevOpsGuru: Documentation updates for DevOps Guru.
• feature: EC2: Add c5n.metal to ec2 instance types list
• feature: GlobalAccelerator: This release adds support for custom routing accelerators

v2.809.0

Compare Source

• feature: AutoScaling: Documentation updates and corrections for Amazon EC2 Auto Scaling API Reference and SDKs.
• feature: CloudTrail: CloudTrailInvalidClientTokenIdException is now thrown when a call results in the InvalidClientTokenId error code. The Name parameter of the AdvancedEventSelector data type is now optional.
• feature: IoTSiteWise: Added the ListAssetRelationships operation and support for composite asset models, which represent structured sets of properties within asset models.

v2.808.0

Compare Source

• feature: EC2: TGW connect simplifies connectivity of SD-WAN appliances; IGMP support for TGW multicast; VPC Reachability Analyzer for VPC resources connectivity analysis.
• feature: Kendra: Amazon Kendra now supports adding synonyms to an index through the new Thesaurus resource.
• feature: NetworkManager: This release adds API support for Transit Gateway Connect integration into AWS Network Manager.

v2.807.0

Compare Source

• feature: EC2: This release adds support for G4ad instances powered by AMD Radeon Pro V520 GPUs and AMD 2nd Generation EPYC processors
• feature: GlobalAccelerator: This release adds support for custom routing accelerators
• feature: Redshift: Add support for availability zone relocation feature.

v2.806.0

Compare Source

• feature: AuditManager: AWS Audit Manager helps you continuously audit your AWS usage to simplify how you manage risk and compliance. This update releases the first version of the AWS Audit Manager APIs and SDK.
• feature: ECR: This release adds support for configuring cross-region and cross-account replication of your Amazon ECR images.
• feature: EMRcontainers: This release adds support for Amazon EMR on EKS, a simple way to run Spark on Kubernetes.
• feature: ForecastService: This release adds support for the Amazon Forecast Weather Index which can increase forecasting accuracy by automatically including weather forecasts in demand forecasts.
• feature: HealthLake: This release introduces Amazon HealthLake (preview), a HIPAA-eligible service that enables healthcare and life sciences customers to store, transform, query, and analyze health data in the AWS Cloud.
• feature: Kendra: 1. Amazon Kendra connector for Google Drive repositories 2. Amazon Kendra's relevance ranking models are regularly tuned for each customer by capturing end-user search patterns and feedback.
• feature: QuickSight: Added new parameters for join optimization.
• feature: SageMaker: This feature helps you monitor model performance characteristics such as accuracy, identify undesired bias in your ML models, and explain model decisions better with explainability drift detection.
• feature: SageMakerRuntime: This feature allows customers to invoke their endpoint with an inference ID. If used and data capture for the endpoint is enabled, this ID will be captured along with request data.
• feature: SagemakerEdge: Amazon SageMaker Edge Manager makes it easy to optimize, secure, monitor, and maintain machine learning (ML) models across fleets of edge devices such as smart cameras, smart speakers, and robots.

v2.805.0

Compare Source

• bugfix: S3: fixed a bug where createPresignedPost could result in a process crash.
• feature: DMS: Added PreserveTransaction setting to preserve order of CDC for S3 as target. Added CsvNoSupValue setting to replace empty value for columns not included in the supplemental log for S3 as target.
• feature: ServiceCatalogAppRegistry: AWS Service Catalog AppRegistry now supports adding, removing, and listing tags on resources after they are created.

v2.804.0

Compare Source

• feature: EC2: This release introduces tag-on-create capability for the CreateImage API. A user can now specify tags that will be applied to the new resources (image, snapshots or both), during creation time.
• feature: Kafka: Adding HEALING to ClusterState.
• feature: Lambda: Added the additional enum InvalidImage to StateReasonCode and LastUpdateStatusReasonCode fields.
• feature: LicenseManager: Automated Discovery now has support for custom tags, and detects software uninstalls.
• feature: MediaLive: AWS Elemental MediaLive now supports black video and audio silence as new conditions to trigger automatic input failover.
• feature: RDS: Adds support for Amazon RDS Cross-Region Automated Backups, the ability to setup automatic replication of snapshots and transaction logs from a primary AWS Region to a secondary AWS Region.
• feature: SSM: AWS Systems Manager Patch Manager MAC OS Support and OpsMetadata Store APIs to store operational metadata for an Application.
• feature: WorkSpaces: Update the import-workspace-image API to have "BYOL_REGULAR_WSP" as a valid input string for ingestion-process.

v2.803.0

Compare Source

• feature: Batch: This release adds support for customer to run Batch Jobs on ECS Fargate, the serverless compute engine built for containers on AWS. Customer can also propagate Job and Job Definition Tags to ECS Task.
• feature: ComputeOptimizer: This release enables AWS Compute Optimizer to analyze and generate optimization recommendations for EBS volumes that are attached to instances.
• feature: LicenseManager: AWS License Manager enables managed entitlements for AWS customers and Software Vendors (ISV). You can track and distribute license entitlements from AWS Marketplace and supported ISVs.

v2.802.0

Compare Source

• bugfix: Profile: Removes an incorrectly named service Profile that was included in release, v2.801.0
• feature: CustomerProfiles: This is the first release of Amazon Connect Customer Profiles, a unified customer profile for your Amazon Connect contact center.

v2.801.0

Compare Source

• feature: AmplifyBackend: (New Service) The Amplify Admin UI offers an accessible way to develop app backends and manage app content. We recommend that you use the Amplify Admin UI to manage the backend of your Amplify app.
• feature: AppIntegrations: The Amazon AppIntegrations service (in preview release) enables you to configure and reuse connections to external applications.
• feature: Connect: This release adds an Amazon Connect API that provides the ability to create tasks, and a set of APIs (in preview) to configure AppIntegrations associations with Amazon Connect instances.
• feature: ConnectContactLens: Contact Lens for Amazon Connect analyzes conversations, both real-time and post-call. The ListRealtimeContactAnalysisSegments API returns a list of analysis segments for a real-time analysis session.
• feature: DevOpsGuru: (New Service) Amazon DevOps Guru is available in public preview. It's a fully managed service that uses machine learning to analyze your operational solutions to help you find and troubleshoot issues.
• feature: DirectoryService: Adding client authentication feature for AWS AD Connector
• feature: EC2: This release adds support for: EBS gp3 volumes; and D3/D3en/R5b/M5zn instances powered by Intel Cascade Lake CPUs
• feature: ECRPUBLIC: Supports Amazon Elastic Container Registry (Amazon ECR) Public, a fully managed registry that makes it easy for a developer to publicly share container software worldwide for anyone to download.
• feature: EKS: Amazon EKS now allows you to define and manage the lifecycle for Kubernetes add-ons for your clusters. This release adds support for the AWS VPC CNI (vpc-cni).
• feature: Honeycode: Introducing APIs to read and write directly from Honeycode tables. Use APIs to pull table and column metadata, then use the read and write APIs to programmatically read and write from the tables.
• feature: Lambda: This release includes support for a new feature: Container images support in AWS Lambda. This adds APIs for deploying functions as container images. AWS Lambda now supports memory up to 10240MB.
• feature: LookoutVision: This release introduces support for Amazon Lookout for Vision.
• feature: Profile: This is the first release of Amazon Connect Customer Profiles, a unified customer profile for your Amazon Connect contact center.
• feature: S3: S3 adds support for multiple-destination replication, option to sync replica modifications; S3 Bucket Keys to reduce cost of S3 SSE with AWS KMS
• feature: SageMaker: Amazon SageMaker Pipelines for ML workflows. Amazon SageMaker Feature Store, a fully managed repository for ML features.
• feature: SageMakerFeatureStoreRuntime: This release adds support for Amazon SageMaker Feature Store, which makes it easy for customers to create, version, share, and manage curated data for machine learning (ML) development.

v2.800.0

Compare Source

• feature: EC2: This release introduces Amazon EC2 Mac1 instances, a new Amazon EC2 instance family built on Apple Mac mini computers, powered by AWS Nitro System, and support running macOS workloads on Amazon EC2

v2.799.0

Compare Source

• feature: Appflow: Upsolver as a destination connector and documentation update.
• feature: Batch: Add Ec2Configuration in ComputeEnvironment.ComputeResources. Use in CreateComputeEnvironment API to enable AmazonLinux2 support.
• feature: CloudFormation: Adds support for the new Modules feature for CloudFormation. A module encapsulates one or more resources and their respective configurations for reuse across your organization.
• feature: CloudTrail: CloudTrail now includes advanced event selectors, which give you finer-grained control over the events that are logged to your trail.
• feature: CodeBuild: Adding GetReportGroupTrend API for Test Reports.
• feature: CognitoIdentityServiceProvider: This release adds ability to configure Cognito User Pools with third party sms and email providers for sending notifications to users.
• feature: Comprehend: Support Comprehend events detection APIs
• feature: ElasticBeanstalk: Updates the Integer constraint of DescribeEnvironmentManagedActionHistory's MaxItems parameter to [1, 100].
• feature: FSx: This release adds the capability to increase storage capacity of Amazon FSx for Lustre file systems, providing the flexibility to meet evolving storage needs over time.
• feature: GameLift: GameLift FlexMatch is now available as a standalone matchmaking solution. FlexMatch now provides customizable matchmaking for games hosted peer-to-peer, on-premises, or on cloud compute primitives.
• feature: IoTSiteWise: This release adds support for customer managed customer master key (CMK) based encryption in IoT SiteWise.
• feature: LexModelBuildingService: Lex now supports es-419, de-DE locales
• feature: MWAA: (New Service) Amazon MWAA is a managed service for Apache Airflow that makes it easy for data engineers and data scientists to execute data processing workflows in the cloud.
• feature: MediaConvert: AWS Elemental MediaConvert SDK has added support for Vorbis and Opus audio in OGG/OGA containers.
• feature: QuickSight: Support for embedding without user registration. New enum EmbeddingIdentityType. A potential breaking change. Affects code that refers IdentityType enum type directly instead of literal string value.
• feature: StepFunctions: This release of the AWS Step Functions SDK introduces support for Synchronous Express Workflows
• feature: TimestreamWrite: Adds support of upserts for idempotent updates to Timestream.

v2.798.0

Compare Source

• feature: ApplicationInsights: Add Detected Workload to ApplicationComponent which shows the workloads that installed in the component
• feature: CodeArtifact: Add support for the NuGet package format.
• feature: CodeStarconnections: Added support for the UpdateHost API.
• feature: DynamoDB: With this release, you can capture data changes in any Amazon DynamoDB table as an Amazon Kinesis data stream. You also can use PartiQL (SQL-compatible language) to manipulate data in DynamoDB tables.
• feature: EC2: This release adds support for Multiple Private DNS names to DescribeVpcEndpointServices response.
• feature: ECS: This release adds support for updating capacity providers, specifying custom instance warmup periods for capacity providers, and using deployment circuit breaker for your ECS Services.
• feature: EMR: Add API support for EMR Studio, a new notebook-first IDE for data scientists and data engineers with single sign-on, Jupyter notebooks, automated infrastructure provisioning, and job diagnosis.
• feature: ForecastService: Releasing the set of PredictorBacktestExportJob APIs which allow customers to export backtest values and item-level metrics data from Predictor training.
• feature: Glue: Feature1 - Glue crawler adds data lineage configuration option. Feature2 - AWS Glue Data Catalog adds APIs for PartitionIndex creation and deletion as part of Enhancement Partition Management feature.
• feature: Iot: This release enables users to identify different file types in the over-the-air update (OTA) functionality using fileType parameter for CreateOTAUpdate API
• feature: Kafka: Adding MAINTENANCE and REBOOTING_BROKER to Cluster states.
• feature: Lambda: This release includes support for new feature: Code Signing for AWS Lambda. This adds new resources and APIs to configure Lambda functions to accept and verify signed code artifacts at deployment.
• feature: LicenseManager: AWS License Manager now provides the ability for license administrators to be able to associate license configurations to AMIs shared with their AWS account
• feature: Outposts: Support specifying tags during the creation of the Outpost resource. Tags are now returned in the response body of Outpost APIs.
• feature: SSOAdmin: AWS Single Sign-On now enables attribute-based access control for workforce identities to simplify permissions in AWS
• feature: SecurityHub: Updated the account management API to support the integration with AWS Organizations. Added new methods to allow users to view and manage the delegated administrator account for Security Hub.
• feature: Signer: AWS Signer is launching code-signing for AWS Lambda. Now customers can cryptographically sign Lambda code to ensure trust, integrity, and functionality.
• feature: TimestreamQuery: Amazon Timestream now supports "QueryStatus" in Query API which has information about cumulative bytes scanned, metered, as well as progress percentage for the query.
• feature: Translate: This update adds new operations to create and manage parallel data in Amazon Translate. Parallel data is a resource that you can use to run Active Custom Translation jobs.

v2.797.0

Compare Source

• feature: AppMesh: This release makes tag value a required attribute of the tag's key-value pair.
• feature: Chime: The Amazon Chime SDK for messaging provides the building blocks needed to build chat and other real-time collaboration features.
• feature: CloudHSMV2: Added managed backup retention, a feature that enables customers to retain backups for a configurable period after which CloudHSM service will automatically delete them.
• feature: CodeGuruReviewer: This release supports tagging repository association resources in Amazon CodeGuru Reviewer.
• feature: CognitoIdentity: Added SDK pagination support for ListIdentityPools
• feature: Connect: This release adds a set of Amazon Connect APIs to programmatically control instance creation, modification, description and deletion.
• feature: Kafka: This release adds support for PER TOPIC PER PARTITION monitoring on AWS MSK clusters.
• feature: Macie2: The Amazon Macie API now provides S3 bucket metadata that indicates whether any one-time or recurring classification jobs are configured to analyze data in a bucket.
• feature: S3: Add new documentation regarding automatically generated Content-MD5 headers when using the SDK or CLI.
• feature: ServiceCatalogAppRegistry: AWS Service Catalog AppRegistry Documentation update

v2.796.0

Compare Source

• feature: AutoScaling: You can now create Auto Scaling groups with multiple launch templates using a mixed instances policy, making it easy to deploy an AMI with an architecture that is different from the rest of the group.
• feature: CloudWatchEvents: EventBridge now supports Resource-based policy authorization on event buses. This enables cross-account PutEvents API calls, creating cross-account rules, and simplifies permission management.
• feature: CostExplorer: Additional metadata that may be applicable to the recommendation.
• feature: DirectoryService: Adding multi-region replication feature for AWS Managed Microsoft AD
• feature: EventBridge: EventBridge now supports Resource-based policy authorization on event buses. This enables cross-account PutEvents API calls, creating cross-account rules, and simplifies permission management.
• feature: Glue: Adding support for Glue Schema Registry. The AWS Glue Schema Registry is a new feature that allows you to centrally discover, control, and evolve data stream schemas.
• feature: KinesisAnalyticsV2: Amazon Kinesis Data Analytics now supports building and running streaming applications using Apache Flink 1.11 and provides a way to access the Apache Flink dashboard for supported Flink versions.
• feature: Lambda: Added the starting position and starting position timestamp to ESM Configuration. Now customers will be able to view these fields for their ESM.
• feature: LexModelBuildingService: Amazon Lex supports managing input and output contexts as well as default values for slots.
• feature: LexRuntime: Amazon Lex now supports the ability to view and manage active contexts associated with a user session.
• feature: MediaLive: The AWS Elemental MediaLive APIs and SDKs now support the ability to see the software update status on Link devices
• feature: Redshift: Amazon Redshift support for returning ClusterNamespaceArn in describeClusters

v2.795.0

Compare Source

• feature: Backup: AWS Backup now supports cross-account backup, enabling AWS customers to securely copy their backups across their AWS accounts within their AWS organizations.
• feature: CloudFormation: This release adds ChangeSets support for Nested Stacks. ChangeSets offer a preview of how proposed changes to a stack might impact existing resources or create new ones.
• feature: CodeBuild: AWS CodeBuild - Adding Status field for Report Group
• feature: EC2: EC2 Fleet adds support of DeleteFleets API for instant type fleets. Now you can delete an instant type fleet and terminate all associated instances with a single API call.
• feature: Outposts: Mark the Name parameter in CreateOutpost as required.
• feature: S3Control: AWS S3 Storage Lens provides visibility into your storage usage and activity trends at the organization or account level, with aggregations by Region, storage class, bucket, and prefix.

v2.794.0

Compare Source

• feature: Chime: This release adds CRUD APIs for Amazon Chime SipMediaApplications and SipRules. It also adds the API for creating outbound PSTN calls for Amazon Chime meetings.
• feature: Connect: This release adds support for user hierarchy group and user hierarchy structure. For details, see the Release Notes in the Amazon Connect Administrator Guide.
• feature: FMS: Added Firewall Manager policy support for AWS Network Firewall resources.
• feature: Macie2: The Amazon Macie API now has a lastRunErrorStatus property to indicate if account- or bucket-level errors occurred during the run of a one-time classification job or the latest run of a recurring job.
• feature: NetworkFirewall: (New Service) AWS Network Firewall is a managed network layer firewall service that makes it easy to secure your virtual private cloud (VPC) networks and block malicious traffic.
• feature: RDS: Support copy-db-snapshot in the one region on cross clusters and local cluster for RDSonVmware. Add target-custom-availability-zone parameter to specify where a snapshot should be copied.

v2.793.0

Compare Source

• feature: CodePipeline: We show details about inbound executions and id of action executions in GetPipelineState API. We also add ConflictException to StartPipelineExecution, RetryStageExecution, StopPipelineExecution APIs.
• feature: DMS: Adding MoveReplicationTask feature to move replication tasks between instances
• feature: IoTSecureTunneling: Support using multiple data streams per tunnel using the Secure Tunneling multiplexing feature.
• feature: IoTSiteWise: This release supports Unicode characters for string operations in formulae computes in SiteWise. For more information, search for SiteWise in Amazon What's new or refer the SiteWise documentation.
• feature: QuickSight: Adding new parameters for dashboard persistence
• feature: SageMaker: This feature enables customers to encrypt their Amazon SageMaker Studio storage volumes with customer master keys (CMKs) managed by them in AWS Key Management Service (KMS).
• feature: ServiceCatalog: Support import of CloudFormation stacks into Service Catalog provisioned products.
• feature: Synthetics: AWS Synthetics now supports Environment Variables to assign runtime parameters in the canary scripts.

v2.792.0

Compare Source

• feature: ELBv2: Adds dualstack support for Network Load Balancers (TCP/TLS only), an attribute for WAF fail open for Application Load Balancers, and an attribute for connection draining for Network Load Balancers.
• feature: Shield: This release adds APIs for two new features: 1) Allow customers to bundle resources into protection groups and treat as a single unit. 2) Provide per-account event summaries to all AWS customers.
• feature: Textract: AWS Textract now allows customers to specify their own KMS key to be used for asynchronous jobs output results, AWS Textract now also recognizes handwritten text from English documents.

v2.791.0

Compare Source

• feature: Iot: This release adds a batchMode parameter to the IotEvents, IotAnalytics, and Firehose actions which allows customers to send an array of messages to the corresponding services
• feature: LexModelBuildingService: Lex now supports es-ES, it-IT, fr-FR and fr-CA locales
• feature: Lightsail: This release adds support for Amazon Lightsail container services. You can now create a Lightsail container service, and deploy Docker images to it.
• feature: PersonalizeRuntime: Adds support to use dynamic filters with Personalize.
• feature: Polly: Amazon Polly adds new Australian English female voice - Olivia. Olivia is available as Neural voice only.
• feature: RoboMaker: This release introduces Robomaker Worldforge TagsOnCreate which allows customers to tag worlds as they are being generated by providing the tags while configuring a world generation job.
• feature: ServiceCatalogAppRegistry: AWS Service Catalog AppRegistry provides a repository of your applications, their resources, and the application metadata that you use within your enterprise.

v2.790.0

Compare Source

• feature: Amplify: Whereas previously custom headers were set via the app's buildspec, custom headers can now be set directly on the Amplify app for both ci/cd and manual deploy apps.
• feature: DataBrew: This is the initial SDK release for AWS Glue DataBrew. DataBrew is a visual data preparation tool that enables users to clean and normalize data without writing any code.
• feature: ForecastService: Providing support of custom quantiles in CreatePredictor API.
• feature: MediaConvert: AWS Elemental MediaConvert SDK has added support for Automated ABR encoding and improved the reliability of embedded captions in accelerated outputs.
• feature: QuickSight: QuickSight now supports Column-level security and connecting to Oracle data source.
• feature: ServiceCatalog: Adding support to remove a Provisioned Product launch role via UpdateProvisionedProductProperties

v2.789.0

Compare Source

• feature: EC2: This release adds support for Gateway Load Balancer VPC endpoints and VPC endpoint services
• feature: ELBv2: Added support for Gateway Load Balancers, which make it easy to deploy, scale, and run third-party virtual networking appliances.
• feature: SSM: Add SessionId as a filter for DescribeSessions API

v2.788.0

Compare Source

• feature: DataSync: DataSync now enables customers to adjust the network bandwidth used by a running AWS DataSync task.
• feature: DynamoDB: This release adds supports for exporting Amazon DynamoDB table data to Amazon S3 to perform analytics at any scale.
• feature: ECS: This release provides native support for specifying Amazon FSx for Windows File Server file systems as volumes in your Amazon ECS task definitions.
• feature: ES: Adding support for package versioning in Amazon Elasticsearch Service
• feature: FSx: This release adds support for creating DNS aliases for Amazon FSx for Windows File Server, and using AWS Backup to automate scheduled, policy-driven backup plans for Amazon FSx file systems.
• feature: IoTAnalytics: AWS IoT Analytics now supports Late Data Notifications for datasets, dataset content creation using previous version IDs, and includes the LastMessageArrivalTime attribute for channels and datastores.
• feature: Macie2: Sensitive data findings in Amazon Macie now include enhanced location data for Apache Avro object containers and Apache Parquet files.
• feature: S3: S3 Intelligent-Tiering adds support for Archive and Deep Archive Access tiers; S3 Replication adds replication metrics and failure notifications, brings feature parity for delete marker replication
• feature: SSM: add a new filter to allow customer to filter automation executions by using resource-group which used for execute automation
• feature: StorageGateway: Added bandwidth rate limit schedule for Tape and Volume Gateways

v2.787.0

Compare Source

• feature: DLM: Amazon Data Lifecycle Manager now supports the creation and retention of EBS-backed Amazon Machine Images
• feature: EC2: Network card support with four new attributes: NetworkCardIndex, NetworkPerformance, DefaultNetworkCardIndex, and MaximumNetworkInterfaces, added to the DescribeInstanceTypes API.
• feature: IoTSiteWise: Remove the CreatePresignedPortalUrl API
• feature: MediaLive: Support for SCTE35 ad markers in OnCuePoint style in RTMP outputs.

v2.786.0

Compare Source

• feature: AppMesh: This release adds circuit breaking capabilities to your mesh with connection pooling and outlier detection support.
• feature: CloudWatchEvents: With this release, customers can now reprocess past events by storing the events published on event bus in an encrypted archive.
• feature: DynamoDB: This release adds a new ReplicaStatus INACCESSIBLE_ENCRYPTION_CREDENTIALS for the Table description, indicating when a key used to encrypt a regional replica table is not accessible.
• feature: EC2: Documentation updates for EC2.
• feature: ES: Amazon Elasticsearch Service now provides the ability to define a custom endpoint for your domain and link an SSL certificate from ACM, making it easier to refer to Kibana and the domain endpoint.
• feature: EventBridge: With this release, customers can now reprocess past events by storing the events published on event bus in an encrypted archive.
• feature: FraudDetector: Added support for deleting resources like Variables, ExternalModels, Outcomes, Models, ModelVersions, Labels, EventTypes and EntityTypes. Updated DeleteEvent operation to catch missing exceptions.
• feature: Kendra: Amazon Kendra now supports providing user context in your query requests, Tokens can be JSON or JWT format. This release also introduces support for Confluence cloud datasources.
• feature: Lambda: Support Amazon MQ as an Event Source.
• feature: RDS: Supports a new parameter to set the max allocated storage in gigabytes for the CreateDBInstanceReadReplica API.

v2.785.0

Compare Source

• feature: AutoScaling: Capacity Rebalance helps you manage and maintain workload availability during Spot interruptions by proactively augmenting your Auto Scaling group with a new instance before interrupting an old one.
• feature: EC2: Added support for Client Connect Handler for AWS Client VPN. Fleet supports launching replacement instances in response to Capacity Rebalance recommendation.
• feature: ES: Amazon Elasticsearch Service now supports native SAML authentication that seamlessly integrates with the customers' existing SAML 2.0 Identity Provider (IdP).
• feature: Iot: Updated API documentation and added paginator for AWS Iot Registry ListThingPrincipals API.
• feature: MQ: Amazon MQ introduces support for RabbitMQ, a popular message-broker with native support for AMQP 0.9.1. You can now create fully-managed RabbitMQ brokers in the cloud.
• feature: MarketplaceMetering: Adding Vendor Tagging Support in MeterUsage and BatchMeterUsage API.
• feature: ServiceCatalog: Service Catalog API ListPortfolioAccess can now support a maximum PageSize of 100.
• feature: XRay: Releasing new APIs GetInsightSummaries, GetInsightEvents, GetInsight, GetInsightImpactGraph and updating GetTimeSeriesServiceStatistics API for AWS X-Ray Insights feature

v2.784.0

Compare Source

• feature: EC2: This release adds support for the following features: 1. P4d instances based on NVIDIA A100 GPUs. 2. NetworkCardIndex attribute to support multiple network cards.

v2.783.0

Compare Source

• bugfix: Types: Fix type of AWSError
• bugfix: Types: Update types for credential provider chain
• feature: Braket: This release supports tagging for Amazon Braket quantum-task resources. It also supports tag-based access control for quantum-task APIs.
• feature: DMS: Adding DocDbSettings to support DocumentDB as a source.
• feature: Imagebuilder: This feature increases the number of accounts that can be added to the Launch permissions within an Image Builder Distribution configuration.
• feature: Macie2: This release of the Amazon Macie API adds an eqExactMatch operator for filtering findings. With this operator you can increase the precision of your finding filters and suppression rules.
• feature: MediaLive: Support for HLS discontinuity tags in the child manifests. Support for incomplete segment behavior in the media output. Support for automatic input failover condition settings.

v2.782.0

Compare Source

• feature: APIGateway: Support disabling the default execute-api endpoint for REST APIs.
• feature: CodeArtifact: Add support for tagging of CodeArtifact domain and repository resources.
• feature: EC2: Support for Appliance mode on Transit Gateway that simplifies deployment of stateful network appliances. Added support for AWS Client VPN Self-Service Portal.
• feature: ELBv2: Application Load Balancer (ALB) now supports the gRPC protocol-version. With this release, customers can use ALB to route and load balance gRPC traffic between gRPC enabled clients and microservices.
• feature: SESV2: This release enables customers to manage their own contact lists and end-user subscription preferences.
• feature: StorageGateway: Adding support for access based enumeration on SMB file shares, file share visibility on SMB file shares, and file upload notifications for all file shares
• feature: TypeScript: Add AWS.Endpoint to ServiceConfigurationOptions.endpoint type.

v2.781.0

Compare Source

• feature: EC2: AWS Nitro Enclaves general availability. Added support to RunInstances for creating enclave-enabled EC2 instances. New APIs to associate an ACM certificate with an IAM role, for enclave consumption.
• feature: Iot: This release adds support for GG-Managed Job Namespace

v2.780.0

Compare Source

• feature: Glue: AWS Glue machine learning transforms now support encryption-at-rest for labels and trained models.

v2.779.0

Compare Source

• feature: Kendra: Amazon Kendra now supports indexing data from Confluence Server.
• feature: Neptune: This feature enables custom endpoints for Amazon Neptune clusters. Custom endpoints simplify connection management when clusters contain instances with different capacities and configuration settings.
• feature: SageMaker: This release enables customers to bring custom images for use with SageMaker Studio notebooks.

v2.778.0

Compare Source

• feature: MediaTailor: MediaTailor now supports ad marker passthrough for HLS. Use AdMarkerPassthrough to pass EXT-X-CUE-IN, EXT-X-CUE-OUT, and EXT-X-SPLICEPOINT-SCTE35 from origin manifests into personalized manifests.
• feature: QuickSight: Support description on columns.

v2.777.0

Compare Source

• feature: Appflow: Salesforce connector creation with customer provided client id and client secret, incremental pull configuration, salesforce upsert write operations and execution ID when on-demand flows are executed.
• feature: SNS: SNS now supports a new class of topics: FIFO (First-In-First-Out). FIFO topics provide strictly-ordered, deduplicated, filterable, encryptable, many-to-many messaging at scale.

v2.776.0

Compare Source

• feature: CloudFront: CloudFront adds support for managing the public keys for signed URLs and signed cookies directly in CloudFront (it no longer requires the AWS root account).
• feature: EC2: instance-storage-info nvmeSupport added to DescribeInstanceTypes API
• feature: GlobalAccelerator: This release adds support for specifying port overrides on AWS Global Accelerator endpoint groups.
• feature: Glue: AWS Glue crawlers now support incremental crawls for the Amazon Simple Storage Service (Amazon S3) data source.
• feature: Kendra: This release adds custom data sources: a new data source type that gives you full control of the documents added, modified or deleted during a data source sync while providing run history metrics.

v2.775.0

Compare Source

• bugfix: Credentials: Do not require credentials file when loading from config.
• feature: Batch: Adding evaluateOnExit to job retry strategies.
• feature: ElasticBeanstalk: EnvironmentStatus enum update to include Aborting, LinkingFrom and LinkingTo

v2.774.0

Compare Source

• feature: CloudFront: Amazon CloudFront adds support for Origin Shield.
• feature: SSM: This Patch Manager release now supports Common Vulnerabilities and Exposure (CVE) Ids for missing packages via the DescribeInstancePatches API.
• feature: ServiceCatalog: An Admin can now update the launch role associated with a Provisioned Product. Admins and End Users can now view the launch role associated with a Provisioned Product.

v2.773.0

Compare Source

• feature: MediaLive: The AWS Elemental MediaLive APIs and SDKs now support the ability to transfer the ownership of MediaLive Link devices across AWS accounts.

v2.772.0

Compare Source

• feature: AccessAnalyzer: This release adds support for the ApplyArchiveRule api in IAM Access Analyzer. The ApplyArchiveRule api allows users to apply an archive rule retroactively to existing findings in an analyzer.
• feature: Budgets: This release introduces AWS Budgets Actions, allowing you to define an explicit response(or set of responses) to take when your budget exceeds it's action threshold.
• feature: CostExplorer: This release improves email validation for subscriptions on the SDK endpoints.
• feature: DMS: When creating Endpoints, Replication Instances, and Replication Tasks, the feature provides you the option to specify friendly name to the resources.
• feature: GroundStation: Adds error message attribute to DescribeContact DataflowDetails
• feature: Iot: Add new variable, lastStatusChangeDate, to DescribeDomainConfiguration API
• feature: Macie2: This release of the Amazon Macie API adds support for pausing and resuming classification jobs. Also, sensitive data findings now include location data for up to 15 occurrences of sensitive data.
• feature: RDS: Return tags for all resources in the output of DescribeDBInstances, DescribeDBSnapshots, DescribeDBClusters, and DescribeDBClusterSnapshots API operations.
• feature: Rekognition: This SDK Release introduces new API (DetectProtectiveEquipment) for Amazon Rekognition. This release also adds ServiceQuotaExceeded exception to Amazon Rekognition IndexFaces API.
• feature: SSM: This Patch Manager release now supports searching for available packages from Amazon Linux and Amazon Linux 2 via the DescribeAvailablePatches API.
• feature: Transfer: Add support to associate VPC Security Groups at server creation.
• feature: WorkMail: Add CreateOrganization and DeleteOrganization API operations.
• feature: XRay: Enhancing CreateGroup, UpdateGroup, GetGroup and GetGroups APIs to support configuring X-Ray Insights Notifications. Adding TraceLimit information into X-Ray BatchGetTraces API response.

v2.771.0

Compare Source

• bugfix: Test: Delete unused variable declarations from test
• feature: Amplify: Performance mode optimizes for faster hosting performance by keeping content cached at the edge for a longer interval - enabling can make code changes can take up to 10 minutes to roll out.
• feature: EKS: This release introduces a new Amazon EKS error code: "ClusterUnreachable"
• feature: MediaLive: WAV audio output. Extracting ancillary captions in MP4 file inputs. Priority on channels feeding a multiplex (higher priority channels will tend to have higher video quality).
• feature: ServiceCatalog: This new API takes either a ProvisonedProductId or a ProvisionedProductName, along with a list of 1 or more output keys and responds with the (key,value) pairs of those outputs.
• feature: Snowball: We added new APIs to allow customers to better manage their device shipping. You can check if your shipping label expired, generate a new label, and tell us that you received or shipped your job.

v2.770.0

Compare Source

• feature: CloudWatchEvents: Amazon EventBridge (formerly called CloudWatch Events) adds support for target Dead-letter Queues and custom retry policies.
• feature: CostExplorer: You can now create hierarchical cost categories by choosing "Cost Category" as a dimension. You can also track the status of your cost category updates to your cost and usage information.
• feature: EC2: AWS EC2 RevokeSecurityGroupIngress and RevokeSecurityGroupEgress APIs will return IpPermissions which do not match with any existing IpPermissions for security groups in default VPC and EC2-Classic.
• feature: EventBridge: Amazon EventBridge adds support for target Dead Letter Queues (DLQs) and custom retry policies.
• feature: RDS: Supports a new parameter to set the max allocated storage in gigabytes for restore database instance from S3 and restore database instance to a point in time APIs.
• feature: Rekognition: This release provides location information for the manifest validation files.
• feature: SageMaker: This release enables Sagemaker customers to convert Tensorflow and PyTorch models to CoreML (ML Model) format.
• feature: Type: export client config interface on root as ConfigurationOptions

v2.769.0

Compare Source

• feature: ComputeOptimizer: This release enables AWS Compute Optimizer to analyze EC2 instance-level EBS read and write operations, and throughput when generating recommendations for your EC2 instances and Auto Scaling groups.
• feature: CostExplorer: Enables Rightsizing Recommendations to analyze and present EC2 instance-level EBS metrics when generating recommendations. Returns AccessDeniedException if the account is not opted into Rightsizing
• feature: ElastiCache: This release introduces User and UserGroup to allow customers to have access control list of the Redis resources for AWS ElastiCache. This release also adds support for Outposts for AWS ElastiCache.
• feature: MediaPackage: AWS Elemental MediaPackage provides access logs that capture detailed information about requests sent to a customer's MediaPackage channel.

v2.768.0

Compare Source

• feature: DMS: Added new S3 endpoint settings to allow partitioning CDC data by date for S3 as target. Exposed some Extra Connection Attributes as endpoint settings for relational databases as target.
• feature: EC2: This release supports returning additional information about local gateway virtual interfaces, and virtual interface groups.
• feature: KinesisAnalyticsV2: Amazon Kinesis Analytics now supports StopApplication with 'force' option
• feature: MarketplaceCatalog: AWS Marketplace Catalog now supports FailureCode for change workflows to help differentiate client errors and server faults.

v2.767.0

Compare Source

• feature: DynamoDB: This release adds a new ReplicaStatus REGION DISABLED for the Table description. This state indicates that the AWS Region for the replica is inaccessible because the AWS Region is disabled.
• feature: Glue: AWS Glue crawlers now support Amazon DocumentDB (with MongoDB compatibility) and MongoDB collections. You can choose to crawl the entire data set or only a small sample to reduce crawl time.
• feature: MediaConvert: AWS Elemental MediaConvert SDK has added support for AVC-I and VC3 encoding in the MXF OP1a container, Nielsen non-linear watermarking, and InSync FrameFormer frame rate conversion.
• feature: SageMaker: This release adds support for launching Amazon SageMaker Studio in your VPC. Use AppNetworkAccessType in CreateDomain API to disable access to public internet and restrict the network traffic to VPC.

v2.766.0

Compare Source

• bugfix: lib: call customBackoff() only upon retryable errors
• feature: Batch: Support tagging for Batch resources (compute environment, job queue, job definition and job) and tag based access control on Batch APIs
• feature: ELBv2: This release adds support for tagging listeners, rules, and target groups on creation. This release also supported tagging operations through tagging api's for listeners and rules.
• feature: PersonalizeEvents: Adds new APIs to write item and user records to Datasets.
• feature: RDS: Adds the NCHAR Character Set ID parameter to the CreateDbInstance API for RDS Oracle.
• feature: S3: Amazon S3 Object Ownership is a new S3 feature that enables bucket owners to automatically assume ownership of objects that are uploaded to their buckets by other AWS Accounts.
• feature: ServiceDiscovery: Added support for optional parameters for DiscoverInstances API in AWS Cloud Map
• feature: docs: Update s_code Script Handling

v2.765.0

Compare Source

• feature: AppSync: Exposes the wafWebAclArn field on GraphQL api records. The wafWebAclArn field contains the amazon resource name of a WAF Web ACL if the AWS AppSync API is associated with one.
• feature: Glue: Adding additional optional map parameter to get-plan api
• feature: Kafka: Added support for Enabling Zookeeper Encryption in Transit for AWS MSK.
• feature: QuickSight: QuickSight now supports connecting to AWS Timestream data source
• feature: WAFV2: AWS WAF is now availabl

✂ Note

PR body was truncated to here.

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • ""
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.