konokenj.cdk-api-mcp-server 0.40.0__py3-none-any.whl → 0.42.0__py3-none-any.whl

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-apigatewayv2/integ.api.ts

@@ -6,11 +6,9 @@ import * as apigw from 'aws-cdk-lib/aws-apigatewayv2';
 const app = new cdk.App();
 const stack = new cdk.Stack(app, 'aws-cdk-aws-apigatewayv2');
 
-new apigw.HttpApi(stack, 'HttpApi', {
-  routeSelectionExpression: true,
-});
+new apigw.WebSocketApi(stack, 'WebSocketApi');
 
-new IntegTest(app, 'http-api', {
+new IntegTest(app, 'web-socket-api', {
   testCases: [stack],
 });
 

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-apigatewayv2/integ.stage.ts

@@ -1,33 +1,20 @@
 #!/usr/bin/env node
-import { IntegTest } from '@aws-cdk/integ-tests-alpha';
 import * as cdk from 'aws-cdk-lib';
-import * as apigwv2 from 'aws-cdk-lib/aws-apigatewayv2';
-import * as apigw from 'aws-cdk-lib/aws-apigateway';
-import * as logs from 'aws-cdk-lib/aws-logs';
+import * as apigw from 'aws-cdk-lib/aws-apigatewayv2';
 
 const app = new cdk.App();
-const stack = new cdk.Stack(app, 'aws-cdk-aws-apigatewayv2-http-stage');
+const stack = new cdk.Stack(app, 'aws-cdk-aws-apigatewayv2-websocket-stage');
 
-const testLogGroup = new logs.LogGroup(stack, 'MyLogGroup');
-
-const httpApi = new apigwv2.HttpApi(stack, 'HttpApi', { createDefaultStage: false });
-new apigwv2.HttpStage(stack, 'HttpStageWithProperties', {
-  httpApi,
+const webSocketApi = new apigw.WebSocketApi(stack, 'WebSocketApi');
+new apigw.WebSocketStage(stack, 'WebSocketStage', {
+  webSocketApi,
+  stageName: 'dev',
   throttle: {
     rateLimit: 1000,
     burstLimit: 1000,
   },
   detailedMetricsEnabled: true,
   description: 'My Stage',
-  accessLogSettings: {
-    destination: new apigwv2.LogGroupLogDestination(testLogGroup),
-    format: apigw.AccessLogFormat.custom(JSON.stringify({
-      extendedRequestId: apigw.AccessLogField.contextExtendedRequestId(),
-      requestTime: apigw.AccessLogField.contextRequestTime(),
-    })),
-  },
 });
 
-new IntegTest(app, 'aws-cdk-aws-apigatewayv2-http-stage-test', {
-  testCases: [stack],
-});
+app.synth();

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-apigatewayv2/integ.usage-plan.ts

@@ -0,0 +1,80 @@
+import * as integ from '@aws-cdk/integ-tests-alpha';
+import * as cdk from 'aws-cdk-lib';
+import { WebSocketApi, WebSocketStage, UsagePlan, ApiKey, RateLimitedApiKey, Period } from 'aws-cdk-lib/aws-apigatewayv2';
+
+const app = new cdk.App();
+
+const stack = new cdk.Stack(app, 'aws-cdk-aws-apigatewayv2-websocket-usage-plan');
+
+const webSocketApi = new WebSocketApi(stack, 'WebSocketApi');
+
+const webSocketStage = new WebSocketStage(stack, 'WebSocketStage', {
+  webSocketApi,
+  stageName: 'dev',
+});
+
+const apiKey = new ApiKey(stack, 'ApiKey', {
+  apiKeyName: 'my-api-key',
+  value: 'MyApiKeyThatIsAtLeast20Characters',
+  description: 'Basic api-key',
+  customerId: 'my-customer',
+  enabled: true,
+  generateDistinctId: true,
+});
+
+const usagePlan = new UsagePlan(stack, 'UsagePlan', {
+  apiStages: [{
+    api: webSocketApi,
+    stage: webSocketStage,
+  }],
+  description: 'Basic usage plan',
+  quota: {
+    limit: 10000,
+    offset: 1,
+    period: Period.MONTH,
+  },
+  throttle: {
+    rateLimit: 100,
+    burstLimit: 200,
+  },
+  usagePlanName: 'WebSocketUsagePlan',
+});
+
+const webSocketStage2 = new WebSocketStage(stack, 'WebSocketStage2', {
+  webSocketApi,
+  stageName: 'dev2',
+});
+
+usagePlan.addApiKey(apiKey);
+usagePlan.addApiStage({ api: webSocketApi, stage: webSocketStage2 });
+
+const webSocketStage3 = new WebSocketStage(stack, 'WebSocketStage3', {
+  webSocketApi,
+  stageName: 'dev3',
+});
+
+new RateLimitedApiKey(stack, 'RateLimitedApiKey', {
+  apiKeyName: 'my-rate-limited-api-key',
+  value: 'MyRateLimitedApiKeyThatIsAtLeast20Characters',
+  description: 'Basic rate-limited-api-key',
+  customerId: 'my-customer',
+  enabled: true,
+  generateDistinctId: true,
+  apiStages: [{
+    api: webSocketApi,
+    stage: webSocketStage3,
+  }],
+  quota: {
+    limit: 10000,
+    offset: 1,
+    period: Period.MONTH,
+  },
+  throttle: {
+    rateLimit: 100,
+    burstLimit: 200,
+  },
+});
+
+new integ.IntegTest(app, 'WebSocketUsagePlanInteg', {
+  testCases: [stack],
+});

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-apigatewayv2-authorizers/integ.iam.ts

@@ -1,46 +1,53 @@
 import * as apigatewayv2 from 'aws-cdk-lib/aws-apigatewayv2';
+import { WebSocketLambdaIntegration } from 'aws-cdk-lib/aws-apigatewayv2-integrations';
 import * as iam from 'aws-cdk-lib/aws-iam';
+import { Code, Function, Runtime } from 'aws-cdk-lib/aws-lambda';
 import * as cdk from 'aws-cdk-lib';
-import { HttpIamAuthorizer } from 'aws-cdk-lib/aws-apigatewayv2-authorizers';
+import { Stack } from 'aws-cdk-lib';
+import * as integ from '@aws-cdk/integ-tests-alpha';
+import { WebSocketIamAuthorizer } from 'aws-cdk-lib/aws-apigatewayv2-authorizers';
 
-class ExampleComIntegration extends apigatewayv2.HttpRouteIntegration {
-  public bind(): apigatewayv2.HttpRouteIntegrationConfig {
-    return {
-      type: apigatewayv2.HttpIntegrationType.HTTP_PROXY,
-      payloadFormatVersion: apigatewayv2.PayloadFormatVersion.VERSION_1_0,
-      method: apigatewayv2.HttpMethod.GET,
-      uri: 'https://www.example.com/',
-    };
-  }
-}
-
-const app = new cdk.App();
+const app = new cdk.App({
+  postCliContext: {
+    '@aws-cdk/aws-lambda:useCdkManagedLogGroup': false,
+  },
+});
 const stack = new cdk.Stack(app, 'IntegApiGatewayV2Iam');
 const user = new iam.User(stack, 'User');
 const userAccessKey = new iam.AccessKey(stack, 'UserAccess', {
   user,
 });
 
-const httpApi = new apigatewayv2.HttpApi(stack, 'HttpApi', {
-  defaultAuthorizer: new HttpIamAuthorizer(),
+const handler = new Function(stack, 'auth-function', {
+  runtime: Runtime.NODEJS_18_X,
+  code: Code.fromInline('exports.handler = () => {return true}'),
+  handler: 'index.handler',
 });
 
-const [fooRoute] = httpApi.addRoutes({
-  integration: new ExampleComIntegration('examplecom'),
-  path: '/foo',
+const webSocketApi = new apigatewayv2.WebSocketApi(stack, 'WebSocketApi', {
+  connectRouteOptions: {
+    integration: new WebSocketLambdaIntegration('WebSocketLambdaIntegration', handler),
+    authorizer: new WebSocketIamAuthorizer(),
+  },
 });
 
-fooRoute.grantInvoke(user);
-
-const [booksRoute] = httpApi.addRoutes({
-  integration: new ExampleComIntegration('examplecom'),
-  path: '/books/{book}',
+const arn = Stack.of(stack).formatArn({
+  service: 'execute-api',
+  resource: webSocketApi.apiId,
 });
 
-booksRoute.grantInvoke(user);
+user.attachInlinePolicy(new iam.Policy(stack, 'AllowInvoke', {
+  statements: [
+    new iam.PolicyStatement({
+      actions: ['execute-api:Invoke'],
+      effect: iam.Effect.ALLOW,
+      resources: [arn],
+    }),
+  ],
+}));
 
-new cdk.CfnOutput(stack, 'API', {
-  value: httpApi.url!,
+new integ.IntegTest(app, 'ApiGatewayV2WebSocketIamTest', {
+  testCases: [stack],
 });
 
 new cdk.CfnOutput(stack, 'TESTACCESSKEYID', {
@@ -55,15 +62,4 @@ new cdk.CfnOutput(stack, 'TESTREGION', {
   value: stack.region,
 });
 
-/*
- * Stack verification steps:
- * * Get cURL version 7.75.0 or later so you can use the --aws-sigv4 option
- * * Curl <url>/foo without sigv4 and expect a 403
- * * Curl <url>/books/something without sigv4 and expect a 403
- * * Curl <url>/foo with sigv4 from the authorized user and expect 200
- * * Curl <url>/books/something with sigv4 from the authorized user and expect 200
- *
- * Reference:
- * * Using cURL 7.75.0 or later via the official docker image: docker run --rm curlimages/curl -s -o/dev/null -w"%{http_code}" <url>
- * * Args to enable sigv4 with authorized credentials: --user "$TESTACCESSKEYID:$TESTSECRETACCESSKEY" --aws-sigv4 "aws:amz:$TESTREGION:execute-api"
- */
+app.synth();

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-apigatewayv2-integrations/integ.sqs.ts

@@ -1,85 +1,72 @@
-import * as apigwv2 from 'aws-cdk-lib/aws-apigatewayv2';
+import { HttpMethod, PassthroughBehavior, WebSocketApi, WebSocketStage } from 'aws-cdk-lib/aws-apigatewayv2';
 import * as sqs from 'aws-cdk-lib/aws-sqs';
-import { App, Stack } from 'aws-cdk-lib';
-import { HttpSqsIntegration } from 'aws-cdk-lib/aws-apigatewayv2-integrations';
-import * as integ from '@aws-cdk/integ-tests-alpha';
+import * as iam from 'aws-cdk-lib/aws-iam';
+import { App, Stack, Aws } from 'aws-cdk-lib';
+import { WebSocketAwsIntegration } from 'aws-cdk-lib/aws-apigatewayv2-integrations';
+import { IntegTest } from '@aws-cdk/integ-tests-alpha';
 
-const app = new App();
-const stack = new Stack(app, 'sqs-integration');
+/*
+ * Stack verification steps:
+ * 1. Verify manually that the integration has type "AWS"
+ */
 
-const queue = new sqs.Queue(stack, 'Queue');
+const app = new App();
+const stack = new Stack(app, 'integ-aws-websocket-sqs-integration');
 
-const httpApi = new apigwv2.HttpApi(stack, 'Api');
-httpApi.addRoutes({
-  path: '/default',
-  methods: [apigwv2.HttpMethod.POST],
-  integration: new HttpSqsIntegration('defaultIntegration', {
-    queue,
-  }),
-});
-httpApi.addRoutes({
-  path: '/send-message',
-  methods: [apigwv2.HttpMethod.POST],
-  integration: new HttpSqsIntegration('sendMessageIntegration', {
-    queue,
-    subtype: apigwv2.HttpIntegrationSubtype.SQS_SEND_MESSAGE,
-  }),
-});
-httpApi.addRoutes({
-  path: '/receive-message',
-  methods: [apigwv2.HttpMethod.POST],
-  integration: new HttpSqsIntegration('receiveMessageIntegration', {
-    queue,
-    subtype: apigwv2.HttpIntegrationSubtype.SQS_RECEIVE_MESSAGE,
-  }),
-});
-httpApi.addRoutes({
-  path: '/delete-message',
-  methods: [apigwv2.HttpMethod.POST],
-  integration: new HttpSqsIntegration('deleteMessageIntegration', {
-    queue,
-    subtype: apigwv2.HttpIntegrationSubtype.SQS_DELETE_MESSAGE,
-  }),
+const sqsMessageQueue = new sqs.Queue(stack, 'MessageSQSQueue', {
+  fifo: true,
+  queueName: 'MessageSQSQueue.fifo',
 });
-httpApi.addRoutes({
-  path: '/purge-queue',
-  methods: [apigwv2.HttpMethod.POST],
-  integration: new HttpSqsIntegration('purgeQueueIntegration', {
-    queue,
-    subtype: apigwv2.HttpIntegrationSubtype.SQS_PURGE_QUEUE,
-  }),
+
+// API Gateway WebSocket API
+const webSocketApi = new WebSocketApi(stack, 'webSocketApi', {
+  description: 'Send websocket data to SQS which is then processed by a Lambda 2',
+  routeSelectionExpression: '$request.body.action',
 });
 
-const integTest = new integ.IntegTest(app, 'SqsIntegrationIntegTest', {
-  testCases: [stack],
+// Optionally, create a WebSocket stage
+new WebSocketStage(stack, 'DevStage', {
+  webSocketApi: webSocketApi,
+  stageName: 'dev',
+  autoDeploy: true,
 });
 
-const defaultAssertion = integTest.assertions.httpApiCall(
-  `${httpApi.apiEndpoint}/default`, {
-    body: JSON.stringify({ MessageBody: 'Hello World!' }),
-    method: 'POST',
-  },
-);
-defaultAssertion.expect(integ.ExpectedResult.objectLike({ status: 200, statusText: 'OK' }));
+// IAM Role for API Gateway
+const webSocketApiRole = new iam.Role(stack, 'webSocketApiRole', {
+  assumedBy: new iam.ServicePrincipal('apigateway.amazonaws.com'),
+});
 
-const sendMessageAssertion = integTest.assertions.httpApiCall(
-  `${httpApi.apiEndpoint}/send-message`, {
-    body: JSON.stringify({ MessageBody: 'Hello World!' }),
-    method: 'POST',
-  },
+webSocketApiRole.addToPolicy(
+  new iam.PolicyStatement({
+    actions: ['sqs:SendMessage'],
+    effect: iam.Effect.ALLOW,
+    resources: [sqsMessageQueue.queueArn],
+  }),
 );
-sendMessageAssertion.expect(integ.ExpectedResult.objectLike({ status: 200, statusText: 'OK' }));
 
-const receiveMessageAssertion = integTest.assertions.httpApiCall(
-  `${httpApi.apiEndpoint}/receive-message`, {
-    method: 'POST',
-  },
-);
-receiveMessageAssertion.expect(integ.ExpectedResult.objectLike({ status: 200, statusText: 'OK' }));
+webSocketApi.addRoute('$default', {
+  integration: new WebSocketAwsIntegration('SQSSendMessage', {
+    integrationUri: `arn:aws:apigateway:${Aws.REGION}:sqs:path/${Aws.ACCOUNT_ID}/${sqsMessageQueue.queueName}`,
+    integrationMethod: HttpMethod.POST,
+    credentialsRole: webSocketApiRole,
+    passthroughBehavior: PassthroughBehavior.NEVER,
+    templateSelectionExpression: '\\$default',
+    requestTemplates: {
+      $default: 'Action=SendMessage&MessageGroupId=$input.path(\'$.MessageGroupId\')&MessageDeduplicationId=$context.requestId&MessageAttribute.1.Name=connectionId&MessageAttribute.1.Value.StringValue=$context.connectionId&MessageAttribute.1.Value.DataType=String&MessageAttribute.2.Name=requestId&MessageAttribute.2.Value.StringValue=$context.requestId&MessageAttribute.2.Value.DataType=String&MessageBody=$input.json(\'$\')',
+    },
+    requestParameters: {
+      'integration.request.header.Content-Type': '\'application/x-www-form-urlencoded\'',
+    },
+  }),
+});
 
-const purgeQueueAssertion = integTest.assertions.httpApiCall(
-  `${httpApi.apiEndpoint}/purge-queue`, {
-    method: 'POST',
+new IntegTest(app, 'apigatewayv2-aws-integration-sqs-integ-test', {
+  testCases: [stack],
+  cdkCommandOptions: {
+    deploy: {
+      args: {
+        rollback: true,
+      },
+    },
   },
-);
-purgeQueueAssertion.expect(integ.ExpectedResult.objectLike({ status: 200, statusText: 'OK' }));
+});

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-codepipeline-actions/integ.pipeline-elastic-beanstalk-deploy.ts

@@ -85,7 +85,7 @@ const beanstalkEnv = new elasticbeanstalk.CfnEnvironment(stack, 'beanstlk-env',
   applicationName: beanstalkApp.applicationName!,
   environmentName: 'codepipeline-test-env',
   // see https://docs.aws.amazon.com/elasticbeanstalk/latest/platforms/platforms-supported.html#platforms-supported.nodejs
-  solutionStackName: '64bit Amazon Linux 2023 v6.5.2 running Node.js 20',
+  solutionStackName: '64bit Amazon Linux 2023 v6.6.2 running Node.js 20',
   optionSettings: [
     {
       namespace: 'aws:autoscaling:launchconfiguration',

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-cognito/README.md

@@ -1004,6 +1004,17 @@ const userPoolClient = new cognito.UserPoolClient(this, 'UserPoolClient', {
 });
 ```
 
+[Refresh token rotation](https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-using-the-refresh-token.html#using-the-refresh-token-rotation)
+can be configured to enable automatic rotation of refresh tokens. By default, refresh token rotation is disabled. When the refreshTokenRotationGracePeriod is 0, the grace period is disabled and a successful request immediately invalidates the submitted refresh token. 
+
+```ts
+const pool = new cognito.UserPool(this, 'Pool');
+pool.addClient('app-client', {
+  // ...
+  refreshTokenRotationGracePeriod: Duration.seconds(40)
+});
+```
+
 See [Adding user device and session data to API requests](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-adaptive-authentication.html#user-pool-settings-adaptive-authentication-device-fingerprint) for more information.
 
 ### Resource Servers

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-cognito/integ.user-pool-client-explicit-props.ts

@@ -43,6 +43,7 @@ const client = userpool.addClient('myuserpoolclient', {
   },
   preventUserExistenceErrors: true,
   authSessionValidity: Duration.minutes(3),
+  refreshTokenRotationGracePeriod: Duration.seconds(45),
   writeAttributes: (new ClientAttributes()).withStandardAttributes(
     {
       address: true,

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-dynamodb/README.md

@@ -17,7 +17,9 @@ By default, `TableV2` will create a single table in the main deployment region r
 ```ts
 const table = new dynamodb.TableV2(this, 'Table', {
   partitionKey: { name: 'pk', type: dynamodb.AttributeType.STRING },
-  contributorInsights: true,
+  contributorInsightsSpecification: {
+    enabled: true,
+  },
   tableClass: dynamodb.TableClass.STANDARD_INFREQUENT_ACCESS,
   pointInTimeRecoverySpecification: {
     pointInTimeRecoveryEnabled: true,
@@ -66,12 +68,12 @@ globalTable.addReplica({ region: 'us-east-2', deletionProtection: true });
 ```
 
 The following properties are configurable on a per-replica basis, but will be inherited from the `TableV2` properties if not specified:
-* contributorInsights
+* contributorInsightsSpecification
 * deletionProtection
 * pointInTimeRecoverySpecification
 * tableClass
 * readCapacity (only configurable if the `TableV2` billing mode is `PROVISIONED`)
-* globalSecondaryIndexes (only `contributorInsights` and `readCapacity`)
+* globalSecondaryIndexes (only `contributorInsightsSpecification` and `readCapacity`)
 
 The following example shows how to define properties on a per-replica basis:
 
@@ -83,7 +85,9 @@ const stack = new cdk.Stack(app, 'Stack', { env: { region: 'us-west-2' } });
 
 const globalTable = new dynamodb.TableV2(stack, 'GlobalTable', {
   partitionKey: { name: 'pk', type: dynamodb.AttributeType.STRING },
-  contributorInsights: true,
+  contributorInsightsSpecification: {
+    enabled: true,
+  },
   pointInTimeRecoverySpecification: {
       pointInTimeRecoveryEnabled: true,
   },
@@ -97,7 +101,9 @@ const globalTable = new dynamodb.TableV2(stack, 'GlobalTable', {
     },
     {
       region: 'us-east-2',
-      contributorInsights: false,
+      contributorInsightsSpecification: {
+        enabled: false,
+      },
     },
   ],
 });
@@ -443,7 +449,7 @@ const table = new dynamodb.TableV2(this, 'Table', {
 });
 ```
 
-All `globalSecondaryIndexes` for replica tables are inherited from the primary table. You can configure `contributorInsights` and `readCapacity` for each `globalSecondaryIndex` on a per-replica basis:
+All `globalSecondaryIndexes` for replica tables are inherited from the primary table. You can configure `contributorInsightsSpecification` and `readCapacity` for each `globalSecondaryIndex` on a per-replica basis:
 
 ```ts
 import * as cdk from 'aws-cdk-lib';
@@ -453,7 +459,9 @@ const stack = new cdk.Stack(app, 'Stack', { env: { region: 'us-west-2' } });
 
 const globalTable = new dynamodb.TableV2(stack, 'GlobalTable', {
   partitionKey: { name: 'pk', type: dynamodb.AttributeType.STRING },
-  contributorInsights: true,
+  contributorInsightsSpecification: {
+    enabled: true,
+  },
   billing: dynamodb.Billing.provisioned({
     readCapacity: dynamodb.Capacity.fixed(10),
     writeCapacity: dynamodb.Capacity.autoscaled({ maxCapacity: 10 }),
@@ -484,7 +492,9 @@ const globalTable = new dynamodb.TableV2(stack, 'GlobalTable', {
       region: 'us-east-2',
       globalSecondaryIndexOptions: {
         gsi2: {
-          contributorInsights: false,
+          contributorInsightsSpecification: {
+            enabled: false,
+          },
         },
       },
     },
@@ -605,25 +615,40 @@ const table = new dynamodb.TableV2(this, 'Table', {
 
 ## Contributor Insights
 
-Enabling `contributorInsights` for `TableV2` will provide information about the most accessed and throttled items in a table or `globalSecondaryIndex`. DynamoDB delivers this information to you via CloudWatch Contributor Insights rules, reports, and graphs of report data.
+Enabling `contributorInsightSpecification` for `TableV2` will provide information about the most accessed and throttled or throttled only items in a table or `globalSecondaryIndex`. DynamoDB delivers this information to you via CloudWatch Contributor Insights rules, reports, and graphs of report data.
+
+By default, Contributor Insights for DynamoDB monitors all requests, including both the most accessed and most throttled items.  
+To limit the scope to only the most accessed or only the most throttled items, use the optional `mode` parameter.
+
+- To monitor all traffic on a table or index, set `mode` to `ContributorInsightsMode.ACCESSED_AND_THROTTLED_KEYS`.
+- To monitor only throttled traffic on a table or index, set `mode` to `ContributorInsightsMode.THROTTLED_KEYS`. 
+
 
 ```ts
 const table = new dynamodb.TableV2(this, 'Table', {
   partitionKey: { name: 'pk', type: dynamodb.AttributeType.STRING },
-  contributorInsights: true,
+  contributorInsightsSpecification: {
+    enabled: true,
+    mode: dynamodb.ContributorInsightsMode.ACCESSED_AND_THROTTLED_KEYS,
+  },
 });
 ```
 
-When you use `Table`, you can enable contributor insights for a table or specific global secondary index by setting `contributorInsightsEnabled` to `true`.
+When you use `Table`, you can enable contributor insights for a table or specific global secondary index by setting `contributorInsightsSpecification` parameter `enabled` to `true`.
 
 ```ts
 const table = new dynamodb.Table(this, 'Table', {
   partitionKey: { name: 'pk', type: dynamodb.AttributeType.STRING },
-  contributorInsightsEnabled: true, // for a table
+  contributorInsightsSpecification: { // for a table
+    enabled: true,
+    mode: dynamodb.ContributorInsightsMode.THROTTLED_KEYS, // only emit throttling events
+  },
 });
 
 table.addGlobalSecondaryIndex({
-  contributorInsightsEnabled: true, // for a specific global secondary index
+  contributorInsightsSpecification: { // for a specific global secondary index
+    enabled: true,
+  },
   indexName: 'gsi',
   partitionKey: { name: 'pk', type: dynamodb.AttributeType.STRING },
 });

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-dynamodb/integ.dynamodb-v2.cci.ts

@@ -0,0 +1,49 @@
+import { App, Stack, StackProps } from 'aws-cdk-lib';
+import { Construct } from 'constructs';
+import * as dynamodb from 'aws-cdk-lib/aws-dynamodb';
+import { IntegTest } from '@aws-cdk/integ-tests-alpha';
+
+const app = new App();
+
+class TestStack extends Stack {
+  constructor(scope: Construct, id: string, props?: StackProps) {
+    super(scope, id, props);
+
+    new dynamodb.TableV2(this, 'TableV2', {
+      partitionKey: { name: 'hashKey', type: dynamodb.AttributeType.STRING },
+      sortKey: { name: 'sortKey', type: dynamodb.AttributeType.NUMBER },
+      globalSecondaryIndexes: [
+        {
+          indexName: 'gsi',
+          partitionKey: { name: 'gsiHashKey', type: dynamodb.AttributeType.STRING },
+        },
+      ],
+      contributorInsightsSpecification: {
+        enabled: true,
+        mode: dynamodb.ContributorInsightsMode.ACCESSED_AND_THROTTLED_KEYS,
+      },
+      replicas: [
+        {
+          region: 'eu-west-2',
+          contributorInsightsSpecification: {
+            enabled: false,
+          },
+          globalSecondaryIndexOptions: {
+            gsi: {
+              contributorInsightsSpecification: {
+                enabled: true,
+                mode: dynamodb.ContributorInsightsMode.THROTTLED_KEYS,
+              },
+            },
+          },
+        },
+      ],
+    });
+  }
+}
+
+const stack = new TestStack(app, 'CCI-Integ-Test', { env: { region: 'eu-west-1' } });
+
+new IntegTest(app, 'table-v2-CCI-test', {
+  testCases: [stack],
+});

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-dynamodb/integ.dynamodb.cci.ts

@@ -0,0 +1,27 @@
+import { App, Stack, StackProps } from 'aws-cdk-lib';
+import { Construct } from 'constructs';
+import * as dynamodb from 'aws-cdk-lib/aws-dynamodb';
+import { IntegTest } from '@aws-cdk/integ-tests-alpha';
+
+const app = new App();
+
+class TestStack extends Stack {
+  constructor(scope: Construct, id: string, props?: StackProps) {
+    super(scope, id, props);
+
+    new dynamodb.Table(this, 'TableV2', {
+      partitionKey: { name: 'hashKey', type: dynamodb.AttributeType.STRING },
+      sortKey: { name: 'sortKey', type: dynamodb.AttributeType.NUMBER },
+      contributorInsightsSpecification: {
+        enabled: true,
+        mode: dynamodb.ContributorInsightsMode.ACCESSED_AND_THROTTLED_KEYS,
+      },
+    });
+  }
+}
+
+const stack = new TestStack(app, 'CCI-Integ-Test-TableV1', { env: { region: 'eu-west-1' } });
+
+new IntegTest(app, 'table-v1-CCI-test', {
+  testCases: [stack],
+});

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-dynamodb/integ.dynamodb.contirubtor-insights-for-gsi.ts

@@ -24,12 +24,16 @@ const table = new Table(stack, TABLE, {
 });
 
 table.addGlobalSecondaryIndex({
-  contributorInsightsEnabled: true,
+  contributorInsightsSpecification: {
+    enabled: true,
+  },
   indexName: GSI_TEST_CASE_1,
   partitionKey: GSI_PARTITION_KEY,
 });
 table.addGlobalSecondaryIndex({
-  contributorInsightsEnabled: false,
+  contributorInsightsSpecification: {
+    enabled: false,
+  },
   indexName: GSI_TEST_CASE_2,
   partitionKey: GSI_PARTITION_KEY,
 });