konokenj.cdk-api-mcp-server 0.54.0__py3-none-any.whl → 0.56.0__py3-none-any.whl

cdk_api_mcp_server/resources/aws-cdk/constructs/@aws-cdk/aws-bedrock-alpha/README.md

@@ -1487,7 +1487,7 @@ Use the `grantProfileUsage` method to grant appropriate permissions to resources
 // Create an application inference profile
 const profile = new bedrock.ApplicationInferenceProfile(this, 'MyProfile', {
   applicationInferenceProfileName: 'my-profile',
-  modelSource: bedrock.BedrockFoundationModel.ANTHROPIC_CLAUDE_3_5_SONNET_V1_0,
+  modelSource: bedrock.BedrockFoundationModel.ANTHROPIC_CLAUDE_SONNET_4_5_V1_0,
 });
 
 // Create a Lambda function
@@ -1503,7 +1503,7 @@ profile.grantProfileUsage(lambdaFunction);
 // Use a system defined inference profile
 const crossRegionProfile = bedrock.CrossRegionInferenceProfile.fromConfig({
   geoRegion: bedrock.CrossRegionInferenceProfileRegion.US,
-  model: bedrock.BedrockFoundationModel.ANTHROPIC_CLAUDE_3_5_SONNET_V1_0,
+  model: bedrock.BedrockFoundationModel.ANTHROPIC_CLAUDE_SONNET_4_5_V1_0,
 });
 
 // Grant permissions to use the cross-region inference profile

cdk_api_mcp_server/resources/aws-cdk/constructs/@aws-cdk/aws-imagebuilder-alpha/README.md

@@ -36,6 +36,250 @@ EC2 Image Builder supports AWS-managed components for common tasks, AWS Marketpl
 that you create. Components run during specific workflow phases: build and validate phases during the build stage, and
 test phase during the test stage.
 
+### Component
+
+A component defines the sequence of steps required to customize an instance during image creation (build component) or
+test an instance launched from the created image (test component). Components are created from declarative YAML or JSON
+documents that describe runtime configuration for building, validating, or testing instances. Components are included
+when added to the image recipe or container recipe for an image build.
+
+EC2 Image Builder supports AWS-managed components for common tasks, AWS Marketplace components, and custom components
+that you create. Components run during specific workflow phases: build and validate phases during the build stage, and
+test phase during the test stage.
+
+#### Basic Usage
+
+Create a component with the required properties: platform and component data.
+
+```ts
+const component = new imagebuilder.Component(this, 'MyComponent', {
+  platform: imagebuilder.Platform.LINUX,
+  data: imagebuilder.ComponentData.fromJsonObject({
+    schemaVersion: imagebuilder.ComponentSchemaVersion.V1_0,
+    phases: [
+      {
+        name: imagebuilder.ComponentPhaseName.BUILD,
+        steps: [
+          {
+            name: 'install-app',
+            action: imagebuilder.ComponentAction.EXECUTE_BASH,
+            inputs: {
+              commands: ['echo "Installing my application..."', 'yum update -y'],
+            },
+          },
+        ],
+      },
+    ],
+  }),
+});
+```
+
+#### Component Data Sources
+
+##### Inline Component Data
+
+Use `ComponentData.fromInline()` for existing YAML/JSON definitions:
+
+```ts
+const component = new imagebuilder.Component(this, 'InlineComponent', {
+  platform: imagebuilder.Platform.LINUX,
+  data: imagebuilder.ComponentData.fromInline(`
+name: my-component
+schemaVersion: 1.0
+phases:
+  - name: build
+    steps:
+      - name: update-os
+        action: ExecuteBash
+        inputs:
+          commands: ['yum update -y']
+`)
+});
+```
+
+##### JSON Object Component Data
+
+Most developer-friendly approach using objects:
+
+```ts
+
+const component = new imagebuilder.Component(this, 'JsonComponent', {
+  platform: imagebuilder.Platform.LINUX,
+  data: imagebuilder.ComponentData.fromJsonObject({
+    schemaVersion: imagebuilder.ComponentSchemaVersion.V1_0,
+    phases: [
+      {
+        name: imagebuilder.ComponentPhaseName.BUILD,
+        steps: [
+          {
+            name: 'configure-app',
+            action: imagebuilder.ComponentAction.CREATE_FILE,
+            inputs: {
+              path: '/etc/myapp/config.json',
+              content: '{"env": "production"}'
+            }
+          }
+        ]
+      }
+    ]
+  })
+});
+```
+
+##### Structured Component Document
+
+For type-safe, CDK-native definitions with enhanced properties like `timeout` and `onFailure`.
+
+###### Defining a component step
+
+You can define steps in the component which will be executed in order when the component is applied:
+
+```ts
+const step: imagebuilder.ComponentDocumentStep = {
+  name: 'configure-app',
+  action: imagebuilder.ComponentAction.CREATE_FILE,
+  inputs: imagebuilder.ComponentStepInputs.fromObject({
+    path: '/etc/myapp/config.json',
+    content: '{"env": "production"}'
+  })
+};
+```
+
+###### Defining a component phase
+
+Phases group steps together, which run in sequence when building, validating or testing in the component:
+
+```ts
+const phase: imagebuilder.ComponentDocumentPhase = {
+  name: imagebuilder.ComponentPhaseName.BUILD,
+  steps: [
+    {
+      name: 'configure-app',
+      action: imagebuilder.ComponentAction.CREATE_FILE,
+      inputs: imagebuilder.ComponentStepInputs.fromObject({
+        path: '/etc/myapp/config.json',
+        content: '{"env": "production"}'
+      })
+    }
+  ]
+};
+```
+
+###### Defining a component
+
+The component data defines all steps across the provided phases to execute during the build:
+
+```ts  
+const component = new imagebuilder.Component(this, 'StructuredComponent', {
+  platform: imagebuilder.Platform.LINUX,
+  data: imagebuilder.ComponentData.fromComponentDocumentJsonObject({
+    schemaVersion: imagebuilder.ComponentSchemaVersion.V1_0,
+    phases: [
+      {
+        name: imagebuilder.ComponentPhaseName.BUILD,
+        steps: [
+          {
+            name: 'install-with-timeout',
+            action: imagebuilder.ComponentAction.EXECUTE_BASH,
+            timeout: Duration.minutes(10),
+            onFailure: imagebuilder.ComponentOnFailure.CONTINUE,
+            inputs: imagebuilder.ComponentStepInputs.fromObject({
+              commands: ['./install-script.sh']
+            })
+          }
+        ]
+      }
+    ]
+  })
+});
+```
+
+##### S3 Component Data
+
+For those components you want to upload or have uploaded to S3:
+
+```ts
+// Upload a local file
+const componentFromAsset = new imagebuilder.Component(this, 'AssetComponent', {
+  platform: imagebuilder.Platform.LINUX,
+  data: imagebuilder.ComponentData.fromAsset(this, 'ComponentAsset', './my-component.yml'),
+});
+
+// Reference an existing S3 object
+const bucket = s3.Bucket.fromBucketName(this, 'ComponentBucket', 'my-components-bucket');
+const componentFromS3 = new imagebuilder.Component(this, 'S3Component', {
+  platform: imagebuilder.Platform.LINUX,
+  data: imagebuilder.ComponentData.fromS3(bucket, 'components/my-component.yml'),
+});
+```
+
+#### Encrypt component data with a KMS key
+
+You can encrypt component data with a KMS key, so that only principals with access to decrypt with the key are able to
+access the component data.
+
+```ts
+const component = new imagebuilder.Component(this, 'EncryptedComponent', {
+  platform: imagebuilder.Platform.LINUX,
+  kmsKey: new kms.Key(this, 'ComponentKey'),
+  data: imagebuilder.ComponentData.fromJsonObject({
+    schemaVersion: imagebuilder.ComponentSchemaVersion.V1_0,
+    phases: [
+      {
+        name: imagebuilder.ComponentPhaseName.BUILD,
+        steps: [
+          {
+            name: 'secure-setup',
+            action: imagebuilder.ComponentAction.EXECUTE_BASH,
+            inputs: {
+              commands: ['echo "This component data is encrypted with KMS"'],
+            },
+          },
+        ],
+      },
+    ],
+  }),
+});
+```
+
+#### AWS-Managed Components
+
+AWS provides a collection of managed components for common tasks:
+
+```ts
+// Install AWS CLI v2
+const awsCliComponent = imagebuilder.AwsManagedComponent.awsCliV2(this, 'AwsCli', {
+  platform: imagebuilder.Platform.LINUX
+});
+
+// Update the operating system
+const updateComponent = imagebuilder.AwsManagedComponent.updateOS(this, 'UpdateOS', {
+  platform: imagebuilder.Platform.LINUX
+});
+
+// Reference any AWS-managed component by name
+const customAwsComponent = imagebuilder.AwsManagedComponent.fromAwsManagedComponentName(
+  this,
+  'CloudWatchAgent',
+  'amazon-cloudwatch-agent-linux'
+);
+```
+
+#### AWS Marketplace Components
+
+You can reference AWS Marketplace components using the marketplace component name and its product ID:
+
+```ts
+const marketplaceComponent = imagebuilder.AwsMarketplaceComponent.fromAwsMarketplaceComponentAttributes(
+  this,
+  'MarketplaceComponent',
+  {
+    componentName: 'my-marketplace-component',
+    marketplaceProductId: 'prod-1234567890abcdef0',
+  }
+);
+```
+
 ### Infrastructure Configuration
 
 Infrastructure configuration defines the compute resources and environment settings used during the image building
@@ -92,3 +336,146 @@ const infrastructureConfiguration = new imagebuilder.InfrastructureConfiguration
   }
 });
 ```
+
+### Distribution Configuration
+
+Distribution configuration defines how and where your built images are distributed after successful creation. For AMIs,
+this includes target AWS Regions, KMS encryption keys, account sharing permissions, License Manager associations, and
+launch template configurations. For container images, it specifies the target Amazon ECR repositories across regions.
+A distribution configuration can be associated with an image or an image pipeline to define these distribution settings
+for image builds.
+
+#### AMI Distributions
+
+AMI distributions can be defined to copy and modify AMIs in different accounts and regions, and apply them to launch
+templates, SSM parameters, etc.:
+
+```ts
+const distributionConfiguration = new imagebuilder.DistributionConfiguration(this, 'DistributionConfiguration', {
+  distributionConfigurationName: 'test-distribution-configuration',
+  description: 'A Distribution Configuration',
+  amiDistributions: [
+    {
+      // Distribute AMI to us-east-2 and publish the AMI ID to an SSM parameter
+      region: 'us-east-2',
+      ssmParameters: [
+        {
+          parameter: ssm.StringParameter.fromStringParameterAttributes(this, 'CrossRegionParameter', {
+            parameterName: '/imagebuilder/ami',
+            forceDynamicReference: true
+          })
+        }
+      ]
+    }
+  ]
+});
+
+// For AMI-based image builds - add an AMI distribution in the current region
+distributionConfiguration.addAmiDistributions({
+  amiName: 'imagebuilder-{{ imagebuilder:buildDate }}',
+  amiDescription: 'Build AMI',
+  amiKmsKey: kms.Key.fromLookup(this, 'ComponentKey', { aliasName: 'alias/distribution-encryption-key' }),
+  // Copy the AMI to different accounts
+  amiTargetAccountIds: ['123456789012', '098765432109'],
+  // Add launch permissions on the AMI
+  amiLaunchPermission: {
+    organizationArns: [
+      this.formatArn({ region: '', service: 'organizations', resource: 'organization', resourceName: 'o-1234567abc' })
+    ],
+    organizationalUnitArns: [
+      this.formatArn({
+        region: '',
+        service: 'organizations',
+        resource: 'ou',
+        resourceName: 'o-1234567abc/ou-a123-b4567890'
+      })
+    ],
+    isPublicUserGroup: true,
+    accountIds: ['234567890123']
+  },
+  // Attach tags to the AMI
+  amiTags: {
+    Environment: 'production',
+    Version: '{{ imagebuilder:buildVersion }}'
+  },
+  // Optional - publish the distributed AMI ID to an SSM parameter
+  ssmParameters: [
+    {
+      parameter: ssm.StringParameter.fromStringParameterAttributes(this, 'Parameter', {
+        parameterName: '/imagebuilder/ami',
+        forceDynamicReference: true
+      })
+    },
+    {
+      amiAccount: '098765432109',
+      dataType: ssm.ParameterDataType.TEXT,
+      parameter: ssm.StringParameter.fromStringParameterAttributes(this, 'CrossAccountParameter', {
+        parameterName: 'imagebuilder-prod-ami',
+        forceDynamicReference: true
+      })
+    }
+  ],
+  // Optional - create a new launch template version with the distributed AMI ID
+  launchTemplates: [
+    {
+      launchTemplate: ec2.LaunchTemplate.fromLaunchTemplateAttributes(this, 'LaunchTemplate', {
+        launchTemplateId: 'lt-1234'
+      }),
+      setDefaultVersion: true
+    },
+    {
+      accountId: '123456789012',
+      launchTemplate: ec2.LaunchTemplate.fromLaunchTemplateAttributes(this, 'CrossAccountLaunchTemplate', {
+        launchTemplateId: 'lt-5678'
+      }),
+      setDefaultVersion: true
+    }
+  ],
+  // Optional - enable Fast Launch on an imported launch template
+  fastLaunchConfigurations: [
+    {
+      enabled: true,
+      launchTemplate: ec2.LaunchTemplate.fromLaunchTemplateAttributes(this, 'FastLaunchLT', {
+        launchTemplateName: 'fast-launch-lt'
+      }),
+      maxParallelLaunches: 10,
+      targetSnapshotCount: 2
+    }
+  ],
+  // Optional - license configurations to apply to the AMI
+  licenseConfigurationArns: [
+    'arn:aws:license-manager:us-west-2:123456789012:license-configuration:lic-abcdefghijklmnopqrstuvwxyz'
+  ]
+});
+```
+
+#### Container Distributions
+
+##### Container repositories
+
+Container distributions can be configured to distribute to ECR repositories:
+
+```ts
+const ecrRepository = ecr.Repository.fromRepositoryName(this, 'ECRRepository', 'my-repo');
+const imageBuilderRepository = imagebuilder.Repository.fromEcr(ecrRepository);
+```
+
+##### Defining a container distribution
+
+You can configure the container repositories as well as the description and tags applied to the distributed container
+images:
+
+```ts
+const ecrRepository = ecr.Repository.fromRepositoryName(this, 'ECRRepository', 'my-repo');
+const containerRepository = imagebuilder.Repository.fromEcr(ecrRepository);
+const containerDistributionConfiguration = new imagebuilder.DistributionConfiguration(
+  this,
+  'ContainerDistributionConfiguration'
+);
+
+containerDistributionConfiguration.addContainerDistributions({
+  containerRepository,
+  containerDescription: 'Test container image',
+  containerTags: ['latest', 'latest-1.0']
+});
+```

cdk_api_mcp_server/resources/aws-cdk/constructs/@aws-cdk/mixins-preview/README.md

@@ -37,6 +37,22 @@ Mixins.of(bucket)
   .apply(new AutoDeleteObjects());
 ```
 
+### Fluent Syntax with `.with()`
+
+For convenience, you can use the `.with()` method for a more fluent syntax:
+
+```typescript
+import '@aws-cdk/mixins-preview/with';
+
+const bucket = new s3.CfnBucket(scope, "MyBucket")
+  .with(new EnableVersioning())
+  .with(new AutoDeleteObjects());
+```
+
+The `.with()` method is available after importing `@aws-cdk/mixins-preview/with`, which augments all constructs with this method. It provides the same functionality as `Mixins.of().apply()` but with a more chainable API.
+
+> **Note**: The `.with()` fluent syntax is only available in JavaScript and TypeScript. Other jsii languages (Python, Java, C#, and Go) should use the `Mixins.of(...).mustApply()` syntax instead. The import requirement is temporary during the preview phase. Once the API is stable, the `.with()` method will be available by default on all constructs and in all languages.
+
 ## Creating Custom Mixins
 
 Mixins are simple classes that implement the `IMixin` interface:
@@ -109,15 +125,46 @@ const bucket = new s3.CfnBucket(scope, "Bucket");
 Mixins.of(bucket).apply(new EnableVersioning());
 ```
 
-### Generic Mixins
+### L1 Property Mixins
 
-**CfnPropertiesMixin**: Applies arbitrary CloudFormation properties
+For every CloudFormation resource, CDK Mixins automatically generates type-safe property mixins. These allow you to apply L1 properties with full TypeScript support:
 
 ```typescript
-const bucket = new s3.CfnBucket(scope, "Bucket");
-Mixins.of(bucket).apply(new CfnPropertiesMixin({ 
-  customProperty: { enabled: true }
-}));
+import '@aws-cdk/mixins-preview/with';
+import { CfnBucketPropsMixin } from '@aws-cdk/mixins-preview/aws-s3/mixins';
+
+const bucket = new s3.Bucket(scope, "Bucket")
+  .with(new CfnBucketPropsMixin({
+    versioningConfiguration: { status: "Enabled" },
+    publicAccessBlockConfiguration: {
+      blockPublicAcls: true,
+      blockPublicPolicy: true
+    }
+  }));
+```
+
+Property mixins support two merge strategies:
+
+```typescript
+// MERGE (default): Deep merges properties with existing values
+Mixins.of(bucket).apply(new CfnBucketPropsMixin(
+  { versioningConfiguration: { status: "Enabled" } },
+  { strategy: PropertyMergeStrategy.MERGE }
+));
+
+// OVERWRITE: Replaces existing property values
+Mixins.of(bucket).apply(new CfnBucketPropsMixin(
+  { versioningConfiguration: { status: "Enabled" } },
+  { strategy: PropertyMergeStrategy.OVERWRITE }
+));
+```
+
+Property mixins are available for all AWS services:
+
+```typescript
+import { CfnLogGroupMixin } from '@aws-cdk/mixins-preview/aws-logs/mixins';
+import { CfnFunctionMixin } from '@aws-cdk/mixins-preview/aws-lambda/mixins';
+import { CfnTableMixin } from '@aws-cdk/mixins-preview/aws-dynamodb/mixins';
 ```
 
 ## Error Handling
@@ -133,30 +180,3 @@ Mixins.of(scope)
 Mixins.of(scope)
   .mustApply(new EncryptionAtRest()); // Throws if no constructs support the mixin
 ```
-
-## API Reference
-
-### Core Interfaces
-
-* `IMixin` - Interface that all mixins must implement
-* `Mixins` - Main entry point for applying mixins
-* `ConstructSelector` - Selects constructs from a tree based on criteria
-* `MixinApplicator` - Applies mixins to selected constructs
-
-### Mixins
-
-* `EncryptionAtRest` - Cross-service encryption mixin
-* `AutoDeleteObjects` - S3 auto-delete objects mixin  
-* `EnableVersioning` - S3 versioning mixin
-* `CfnPropertiesMixin` - Generic CloudFormation properties mixin
-
-### Selectors
-
-* `ConstructSelector.all()` - Select all constructs
-* `ConstructSelector.cfnResource()` - Select CfnResource constructs
-* `ConstructSelector.resourcesOfType()` - Select by type
-* `ConstructSelector.byId()` - Select by ID pattern
-
-## License
-
-This project is licensed under the Apache-2.0 License.

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-apigatewayv2-integrations/integ.lambda-connect-disconnect-trigger.ts

@@ -17,7 +17,7 @@ const webSocketTableName = 'WebSocketConnections';
 
 const connectFunction = new lambda.Function(stack, 'Connect Function', {
   functionName: 'process_connect_requests',
-  runtime: lambda.Runtime.NODEJS_14_X,
+  runtime: lambda.Runtime.NODEJS_22_X,
   handler: 'index.handler',
   code: lambda.Code.fromAsset(path.join(__dirname, 'lambdas', 'connect')),
   timeout: cdk.Duration.seconds(5),
@@ -31,7 +31,7 @@ const disconnectFunction = new lambda.Function(
   'Disconnect Function',
   {
     functionName: 'process_disconnect_requests',
-    runtime: lambda.Runtime.NODEJS_14_X,
+    runtime: lambda.Runtime.NODEJS_22_X,
     handler: 'index.handler',
     code: lambda.Code.fromAsset(
       path.join(__dirname, 'lambdas', 'disconnect'),

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-cognito/README.md

@@ -480,13 +480,13 @@ new cognito.UserPool(this, 'myuserpool', {
 
 ### Threat Protection
 
-This feature is only available if your Feature Plan is set to PLUS. 
-
 Threat Protection can be set to configure enforcement levels and automatic responses for users in password-based and custom-challenge authentication flows.
 For configuration, there are 2 options for standard authentication and custom authentication.
 These are represented with properties `standardThreatProtectionMode` and `customThreatProtectionMode`.
 See the [documentation on Threat Protection](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-threat-protection.html)
 
+**Note**: Threat Protection requires the PLUS feature plan for new user pools. CDK allows you to configure threat protection settings at synthesis time, and CloudFormation will validate feature plan requirements at deployment time. Existing user pools that are grandfathered on LITE plans with threat protection enabled will continue to work.
+
 
 ### Emails
 

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-ec2/README.md

@@ -1907,7 +1907,7 @@ You can configure [tag propagation on volume creation](https://docs.aws.amazon.c
 
 #### Throughput on GP3 Volumes
 
-You can specify the `throughput` of a GP3 volume from 125 (default) to 1000.
+You can specify the `throughput` of a GP3 volume from 125 (default) to 2000.
 
 ```ts
 new ec2.Volume(this, 'Volume', {

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-ecr/README.md

@@ -248,7 +248,7 @@ repository.addToResourcePolicy(new iam.PolicyStatement({
 }));
 ```
 
-## import existing repository
+## Import existing repository
 
 You can import an existing repository into your CDK app using the `Repository.fromRepositoryArn`, `Repository.fromRepositoryName` or `Repository.fromLookup` method.
 These methods take the ARN or the name of the repository and returns an `IRepository` object.

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-ecs/README.md

@@ -1661,9 +1661,9 @@ new ecs.Ec2Service(this, 'EC2Service', {
 
 ### Managed Instances Capacity Providers
 
-Managed Instances Capacity Providers allow you to use AWS-managed EC2 instances for your ECS tasks while providing more control over instance selection than standard Fargate. AWS handles the instance lifecycle, patching, and maintenance while you can specify detailed instance requirements.
+Managed Instances Capacity Providers allow you to use AWS-managed EC2 instances for your ECS tasks while providing more control over instance selection than standard Fargate. AWS handles the instance lifecycle, patching, and maintenance while you can specify detailed instance requirements. You can  define detailed instance requirements to control which types of instances are used for your workloads.
 
-To create a Managed Instances Capacity Provider, you need to specify the required EC2 instance profile, and networking configuration. You can also define detailed instance requirements to control which types of instances are used for your workloads.
+See [ECS documentation for Managed Instances Capacity Provider](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/managed-instances-capacity-providers-concept.html) for more documentation.
 
 ```ts
 declare const vpc: ec2.Vpc;
@@ -1693,14 +1693,19 @@ miCapacityProvider.connections.allowFrom(ec2.Peer.ipv4(vpc.vpcCidrBlock), ec2.Po
 // Add the capacity provider to the cluster
 cluster.addManagedInstancesCapacityProvider(miCapacityProvider);
 
-const taskDefinition = new ecs.Ec2TaskDefinition(this, 'TaskDef');
+const taskDefinition = new ecs.TaskDefinition(this, 'TaskDef', {
+  memoryMiB: '512',
+  cpu: '256',
+  networkMode: ecs.NetworkMode.AWS_VPC,
+  compatibility: ecs.Compatibility.MANAGED_INSTANCES,
+});
 
 taskDefinition.addContainer('web', {
   image: ecs.ContainerImage.fromRegistry('amazon/amazon-ecs-sample'),
   memoryReservationMiB: 256,
 });
 
-new ecs.Ec2Service(this, 'EC2Service', {
+new ecs.FargateService(this, 'FargateService', {
   cluster,
   taskDefinition,
   minHealthyPercent: 100,
@@ -1761,6 +1766,41 @@ const miCapacityProvider = new ecs.ManagedInstancesCapacityProvider(this, 'MICap
     onDemandMaxPricePercentageOverLowestPrice: 10,
   },
 });
+
+```
+#### Note: Service Replacement When Migrating from LaunchType to CapacityProviderStrategy
+
+**Understanding the Limitation**
+
+The ECS [CreateService API](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_CreateService.html#ECS-CreateService-request-launchType) does not allow specifying both `launchType` and `capacityProviderStrategies` simultaneously. When you specify `capacityProviderStrategies`, the CDK uses those capacity providers instead of a launch type. This is a limitation of the ECS API and CloudFormation, not a CDK bug.
+
+**Impact on Updates**
+
+Because `launchType` is immutable during updates, switching from `launchType` to `capacityProviderStrategies` requires CloudFormation to replace the service. This means your existing service will be deleted and recreated with the new configuration. This behavior is expected and reflects the underlying API constraints.
+
+**Workaround**
+
+While we work on a long-term solution, you can use the following [escape hatch](https://docs.aws.amazon.com/cdk/v2/guide/cfn-layer.html) to preserve your service during the migration:
+
+```ts
+declare const cluster: ecs.Cluster;
+declare const taskDefinition: ecs.TaskDefinition;
+declare const miCapacityProvider: ecs.ManagedInstancesCapacityProvider;
+
+const service = new ecs.FargateService(this, 'Service', {
+  cluster,
+  taskDefinition,
+  capacityProviderStrategies: [
+    {
+      capacityProvider: miCapacityProvider.capacityProviderName,
+      weight: 1,
+    },
+  ],
+});
+
+// Escape hatch: Force launchType at the CloudFormation level to prevent service replacement
+const cfnService = service.node.defaultChild as ecs.CfnService;
+cfnService.launchType = 'FARGATE'; // or 'FARGATE_SPOT' depending on your capacity provider
 ```
 
 ### Cluster Default Provider Strategy

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-opensearchservice/integ.opensearch.ebs.ts

@@ -7,7 +7,7 @@ class TestStack extends Stack {
   constructor(scope: Construct, id: string, props?: StackProps) {
     super(scope, id, props);
 
-    const instanceTypes = ['i4g.large.search', 'i4i.xlarge.search', 'r7gd.xlarge.search'];
+    const instanceTypes = ['i4g.large.search', 'i4i.xlarge.search', 'r7gd.xlarge.search', 'r8gd.medium.search'];
 
     instanceTypes.forEach((instanceType, index) => {
       new opensearch.Domain(this, `Domain${index + 1}`, {

cdk_api_mcp_server/resources/aws-cdk/constructs/aws-cdk-lib/aws-rds/README.md

@@ -1204,7 +1204,7 @@ const cluster = new rds.DatabaseCluster(this, 'Database', {
   }),
   writer: rds.ClusterInstance.provisioned('writer'),
   vpc,
-  cloudwatchLogsExports: ['error', 'general', 'slowquery', 'audit'], // Export all available MySQL-based logs
+  cloudwatchLogsExports: ['error', 'general', 'slowquery', 'audit', 'instance', 'iam-db-auth-error'], // Export all available MySQL-based logs
   cloudwatchLogsRetention: logs.RetentionDays.THREE_MONTHS, // Optional - default is to never expire logs
   cloudwatchLogsRetentionRole: myLogsPublishingRole, // Optional - a role will be created if not provided
   // ...