chore(deps): bump the aws-cdk group across 1 directory with 2 updates

[dependabot]

Bumps the aws-cdk group with 2 updates in the / directory: aws-cdk and aws-cdk-lib.

Updates aws-cdk from 2.1115.1 to 2.1120.0

Release notes

Sourced from aws-cdk's releases.

aws-cdk@v2.1120.0

2.1120.0 (2026-04-29)

Features

• cdk diagnose displays the root cause of a past stack deployment failure (#1378) (acefbf8)
• cli: cdk orphan command detaches resources from a stack, allowing resource type upgrades (behind --unstable) (#1399) (1d0866e)
• cli: add cdk deploy --method=execute-change-set for two-step deployment workflows (#1271) (5770c26)
• deps: upgrade aws-cdk-lib (#1412) (2154bb1)
• deps: upgrade aws-cdk-lib (#1418) (9b14504)

Bug Fixes

• bin field in generated package.json files serves no purpose (#1414) (9ac077d), closes #1202
• every new CloudFormation feature requires a rebootstrap (#1403) (05b05d3)

aws-cdk@v2.1119.0

2.1119.0 (2026-04-23)

Features

• cli: show diff and prompt for deploy on non-addition changes (#1372) (739f687)

Bug Fixes

• ChangeSet cannot be created due to a mismatch with existing attribute ClientToken (#1404) (2ee00f1)
• cli: suppress flags message on stdout during synth in CI mode (#1405) (4a1ac5d), closes /github.com/aws/aws-cdk-cli/blob/main/packages/aws-cdk/lib/cli/io-host/cli-io-host.ts#L411-L424 #913
• skip require-approval prompt when change set is empty (#1402) (9aac45f), closes #1401 #1387

aws-cdk@v2.1118.4

2.1118.4 (2026-04-20)

aws-cdk@v2.1118.3

2.1118.3 (2026-04-20)

Bug Fixes

• cli: deploy with no changes skips outputs and stack ARN (#1387) (b01d06a), closes #1386 #1389 #1273
• error information is lost (#1377) (6878966)

aws-cdk@v2.1118.2

... (truncated)

Commits

• acefbf8 feat: cdk diagnose displays the root cause of a past stack deployment failu...
• 5770c26 feat(cli): add cdk deploy --method=execute-change-set for two-step deployme...
• 9b14504 feat(deps): upgrade aws-cdk-lib (#1418)
• 1d0866e feat(cli): cdk orphan command detaches resources from a stack, allowing res...
• 9ac077d fix: bin field in generated package.json files serves no purpose (#1414)
• cd9585b chore(deps): upgrade dependencies (#1413)
• 05b05d3 fix: every new CloudFormation feature requires a rebootstrap (#1403)
• 2154bb1 feat(deps): upgrade aws-cdk-lib (#1412)
• 226bf10 chore: fix upgrade workflow by adding ts-node dependency (#1408)
• 2ee00f1 fix: ChangeSet cannot be created due to a mismatch with existing attribute Cl...
• Additional commits viewable in compare view

Updates aws-cdk-lib from 2.246.0 to 2.252.0

Release notes

Sourced from aws-cdk-lib's releases.

v2.252.0

Features

• core: Validations class now supports addWarning, addError, and acknowledge (#37668) (5e8083c), closes aws/aws-cdk-rfcs#899
• core: add Box API for deferred values with accurate stack traces (#37604) (d592a96)

Bug Fixes

• aws-cdk-lib: cannot be used as a bundledDependency (#37726) (6ba0598), closes #37717
• s3: resolve S3 notification removal race condition (#37708) (dc5be98), closes #37667

---

Alpha modules (2.252.0-alpha.0)

v2.251.0

⚠ BREAKING CHANGES

• ** L1 resources are automatically generated from public CloudFormation Resource Schemas. They are built to closely reflect the real state of CloudFormation. Sometimes these updates can contain changes that are incompatible with previous types, but more accurately reflect reality. In this release we have changed:

aws-elasticloadbalancing: AWS::ElasticLoadBalancing::LoadBalancer: SourceSecurityGroup attribute removed. aws-elasticloadbalancing: AWS::ElasticLoadBalancing::LoadBalancer: PolicyItem type removed. aws-elasticloadbalancing: AWS::ElasticLoadBalancing::LoadBalancer: SourceSecurityGroup type removed.

Features

• update L1 CloudFormation resource definitions (#37684) (9e6c2ef)
• lambda: add ruby 4.0 runtime (#37650) (04d4337)
• update L1 CloudFormation resource definitions (#37644) (e64f943)
• core: Validations class is the new way to add validation plugins to CDK Apps (#37611) (95696b4), closes #37613
• core: graduate policyValidationBeta1 interfaces to policyValidation (#37613) (8c613cf)
• ecs: support for service connect access log configuration (#36067) (5ad1c06)
• route53: accelerated recovery for public hosted zone (#36358) (f1b7b03)
• synthetics: support canary group (#35689) (20ccd31), closes #34043

Bug Fixes

• core: Stage.policyValidationBeta1 is mutable (#37612) (3c1faf1)
• core: construct creation stack traces are implicit (#37643) (5635c20)
• core: synth output is not valid YAML when using policy validation (#37597) (927dd60), closes #25331
• core: token stack traces expensively clutter --debug mode (#37642) (498c546)
• core: tree metadata does not contain logical ID (#37630) (284ab23)
• ec2: fixing vpc endpoint for eu-isoe-west-1 region (#37596) (555c930), closes #31690
• events-targets: make LogGroupTargetInput extend RuleTargetInput for JSII compatibility (#37451) (46dbc7a), closes #36733
• lambda: add Token.isUnresolved checks to provisioned poller config validation (#37197) (667ed30)
• stepfunctions-tasks: warn when CallAwsServiceCrossRegion endpoint is resolved from state input (#37646) (9fdf590)

---

Alpha modules (2.251.0-alpha.0)

Features

... (truncated)

Changelog

Sourced from aws-cdk-lib's changelog.

Changelog

All notable changes to this project will be documented in this file. See standard-version for commit guidelines.

2.252.0-alpha.0 (2026-04-29)

2.251.0-alpha.0 (2026-04-24)

Features

• bedrock-agentcore-alpha: add L2 constructs for policy and policy engine (#37238) (1e89e7e)
• bedrock-agentcore-alpha: add observability configuration for Runtime (#36689) (34b43aa), closes #36596
• bedrock-agentcore-alpha: support No Authorization for AgentCore Gateway (#36610) (f20bd8e)
• dsql-alpha: initial L2 construct (#34599) (be1a458), closes #34593

2.250.0-alpha.0 (2026-04-14)

2.249.0-alpha.0 (2026-04-10)

2.248.0-alpha.0 (2026-04-02)

2.247.0-alpha.0 (2026-04-02)

Features

• mediapackagev2-alpha: new L2 construct (#37279) (7debfb9)

2.246.0-alpha.0 (2026-03-31)

2.245.0-alpha.0 (2026-03-27)

Features

• s3tables-alpha: add support for partition spec, sort order, and table properties (#36811) (2696cd1)
• s3tables-alpha: add metrics configuration support for TableBucket (#37275) (e8786f5)
• s3tables-alpha: implement ITaggableV2 on TableBucket and Table L2 constructs (#37277) (69c8944), closes #33054

2.244.0-alpha.0 (2026-03-19)

Bug Fixes

• kinesisanalytics-flink-alpha: mark deprecated flink runtimes as deprecated (#37155) (0a89447)

2.243.0-alpha.0 (2026-03-11)

2.242.0-alpha.0 (2026-03-10)

... (truncated)

Commits

• 323844a chore: update analytics metadata blueprints
• 6ba0598 fix(aws-cdk-lib): cannot be used as a bundledDependency (#37726)
• d592a96 feat(core): add Box API for deferred values with accurate stack traces (#37604)
• 0616322 refactor(lambda-nodejs): unify code paths between local & Docker bundling (#3...
• dc5be98 fix(s3): resolve S3 notification removal race condition (#37708)
• 556f8d3 chore(core): migrate off of Beta1 properties internally (#37711)
• 5e8083c feat(core): Validations class now supports addWarning, addError, and `a...
• 9e6c2ef feat: update L1 CloudFormation resource definitions (#37684)
• 9fdf590 fix(stepfunctions-tasks): warn when CallAwsServiceCrossRegion endpoint is res...
• 04d4337 feat(lambda): add ruby 4.0 runtime (#37650)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud