chore(release): 2.194.0

.github/workflows/security-guardian.yml

@@ -9,59 +9,25 @@ jobs:
       - name: Checkout
         uses: actions/checkout@v4
         with:
-          fetch-depth: 0  # Fetches full history
+          fetch-depth: 0  # Required to enable full git diff
 
-      - name: Get list of changed .template.json files
-        id: filter_files
-        run: |
-          echo "Getting changed CloudFormation templates..."
-          mkdir -p changed_templates
-
-          git fetch origin main --depth=1
-
-          base_sha="${{ github.event.pull_request.base.sha }}"
-          head_sha="${{ github.event.pull_request.head.sha }}"
-          if [[ -z "$base_sha" ]]; then base_sha=$(git merge-base origin/main HEAD); fi
-          if [[ -z "$head_sha" ]]; then head_sha=HEAD; fi
-
-          git diff --name-status "$base_sha" "$head_sha" \
-            | grep -E '^(A|M)\s+.*\.template\.json$' \
-            | awk '{print $2}' > changed_files.txt || true
-
-          while IFS= read -r file; do
-            if [ -f "$file" ]; then
-              safe_name=$(echo "$file" | sed 's|/|_|g')
-              cp "$file" "changed_templates/$safe_name"
-            else
-              echo "::warning::Changed file not found in workspace: $file"
-            fi
-          done < changed_files.txt
-
-          if [ -s changed_files.txt ]; then
-            echo "files_changed=true" >> $GITHUB_OUTPUT
-          else
-            echo "files_changed=false" >> $GITHUB_OUTPUT
-          fi
-
       - name: Install cfn-guard
-        if: steps.filter_files.outputs.files_changed == 'true'
         run: |
           mkdir -p $HOME/.local/bin
           curl -L -o cfn-guard.tar.gz https://github.com/aws-cloudformation/cloudformation-guard/releases/latest/download/cfn-guard-v3-x86_64-ubuntu-latest.tar.gz
           tar -xzf cfn-guard.tar.gz
           mv cfn-guard-v3-*/cfn-guard $HOME/.local/bin/cfn-guard
           chmod +x $HOME/.local/bin/cfn-guard
           echo "$HOME/.local/bin" >> $GITHUB_PATH
-  
+
       - name: Install & Build security-guardian
-        if: steps.filter_files.outputs.files_changed == 'true'
         run: yarn install --frozen-lockfile && cd tools/@aws-cdk/security-guardian && yarn build
 
-      - name: Run cfn-guard if templates changed
-        if: steps.filter_files.outputs.files_changed == 'true'
+      - name: Run Security Guardian
         uses: ./tools/@aws-cdk/security-guardian
         with:
-          data_directory: './changed_templates'
-          rule_set_path: './tools/@aws-cdk/security-guardian/rules/trust_scope_rules.guard'
+          base_sha: ${{ github.event.pull_request.base.sha }}
+          head_sha: ${{ github.event.pull_request.head.sha }}
+          rule_set_path: './tools/@aws-cdk/security-guardian/rules'
           show_summary: 'fail'
-          output_format: 'single-line-summary'
+          output_format: 'json'

CHANGELOG.v2.alpha.md

@@ -2,6 +2,8 @@
 
 All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
 
+## [2.194.0-alpha.0](https://github.com/aws/aws-cdk/compare/v2.193.0-alpha.0...v2.194.0-alpha.0) (2025-05-01)
+
 ## [2.193.0-alpha.0](https://github.com/aws/aws-cdk/compare/v2.192.0-alpha.0...v2.193.0-alpha.0) (2025-04-30)
 
 

CHANGELOG.v2.md

@@ -2,6 +2,14 @@
 
 All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
 
+## [2.194.0](https://github.com/aws/aws-cdk/compare/v2.193.0...v2.194.0) (2025-05-01)
+
+
+### Features
+
+* update L1 CloudFormation resource definitions ([#34278](https://github.com/aws/aws-cdk/issues/34278)) ([e37faed](https://github.com/aws/aws-cdk/commit/e37faed95deb25be05826c2e1f2781b0e51ca26e))
+* **events:** throw `ValidationErrors` instead of untyped Errors ([#34316](https://github.com/aws/aws-cdk/issues/34316)) ([06b463f](https://github.com/aws/aws-cdk/commit/06b463fd5a92aab9ffc9d016d85b977f64379550)), closes [#32569](https://github.com/aws/aws-cdk/issues/32569)
+
 ## [2.193.0](https://github.com/aws/aws-cdk/compare/v2.192.0...v2.193.0) (2025-04-30)
 
 

CONTRIBUTORS.md

@@ -14,10 +14,10 @@ Shout out to our top contributors!
 - [otaviomacedo](https://github.com/otaviomacedo)
 - [mazyu36](https://github.com/mazyu36)
 - [pahud](https://github.com/pahud)
-- [TheRealAmazonKendra](https://github.com/TheRealAmazonKendra)
-- [comcalvi](https://github.com/comcalvi)
-- [go-to-k](https://github.com/go-to-k)
 - [badmintoncryer](https://github.com/badmintoncryer)
+- [go-to-k](https://github.com/go-to-k)
+- [comcalvi](https://github.com/comcalvi)
+- [TheRealAmazonKendra](https://github.com/TheRealAmazonKendra)
 - [madeline-k](https://github.com/madeline-k)
 - [NetaNir](https://github.com/NetaNir)
 - [robertd](https://github.com/robertd)
@@ -29,4 +29,4 @@ Shout out to our top contributors!
 - [GavinZZ](https://github.com/GavinZZ)
 
 
-_Last updated: Tue, 01 Apr 25 09:38:50 +0000_
+_Last updated: Thu, 01 May 25 00:13:51 +0000_

packages/@aws-cdk-testing/framework-integ/test/aws-apigateway/test/integ.restapi.access-log-firehose.js.snapshot/test-apigateway-access-logs-firehose.template.json

@@ -306,6 +306,9 @@
    "ap-east-1": {
     "value": "nodejs20.x"
    },
+   "ap-east-2": {
+    "value": "nodejs20.x"
+   },
    "ap-northeast-1": {
     "value": "nodejs20.x"
    },

packages/@aws-cdk-testing/framework-integ/test/aws-appconfig/test/integ.configuration.js.snapshot/aws-appconfig-configuration.template.json

@@ -2073,6 +2073,9 @@
    "ap-east-1": {
     "value": "nodejs20.x"
    },
+   "ap-east-2": {
+    "value": "nodejs20.x"
+   },
    "ap-northeast-1": {
     "value": "nodejs20.x"
    },

packages/@aws-cdk-testing/framework-integ/test/aws-appsync/test/integ.appsync-channel-namespace.js.snapshot/EventApiChannelNamespaceStack.template.json

@@ -319,6 +319,9 @@
    "ap-east-1": {
     "value": "nodejs20.x"
    },
+   "ap-east-2": {
+    "value": "nodejs20.x"
+   },
    "ap-northeast-1": {
     "value": "nodejs20.x"
    },
@@ -428,7 +431,7 @@
     "value": "nodejs18.x"
    },
    "us-isob-west-1": {
-    "value":"nodejs18.x"
+    "value": "nodejs18.x"
    },
    "us-west-1": {
     "value": "nodejs20.x"

packages/@aws-cdk-testing/framework-integ/test/aws-appsync/test/integ.appsync-event-api.js.snapshot/appsync-event-api-stack.template.json

@@ -705,6 +705,9 @@
    "ap-east-1": {
     "value": "nodejs20.x"
    },
+   "ap-east-2": {
+    "value": "nodejs20.x"
+   },
    "ap-northeast-1": {
     "value": "nodejs20.x"
    },
@@ -814,7 +817,7 @@
     "value": "nodejs18.x"
    },
    "us-isob-west-1": {
-    "value":"nodejs18.x"
+    "value": "nodejs18.x"
    },
    "us-west-1": {
     "value": "nodejs20.x"