fix(deps): update boto3 to v1.43.5

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
boto3	==1.43.2 → ==1.43.5
types-boto3	==1.42.89 → ==1.43.5

---

Release Notes

boto/boto3 (boto3)

v1.43.5

Compare Source

======

• api-change:bedrock-agentcore-control: [botocore] Adds support for bring-your-own file system in AgentCore Runtime. Developers can mount Amazon S3 Files and Amazon EFS access points directly into agent sessions using filesystemConfigurations.
• api-change:endpoint-rules: [botocore] Update endpoint-rules client to latest version
• api-change:glue: [botocore] Adds support for a CustomLogGroupPrefix parameter in StartDataQualityRulesetEvaluationRun to specify custom CloudWatch log group paths, and a RulesetName filter in ListDataQualityRulesetEvaluationRuns to filter evaluation runs by ruleset name.
• api-change:imagebuilder: [botocore] The ImportDiskImage API now enforces a maximum character limit of 128 characters on the image name field.
• api-change:lexv2-models: [botocore] Amazon Lex V2 introduces audio filler support for speech-to-speech bots. Configure melody or typing sounds that play during backend processing to reduce perceived latency and maintain a natural conversational experience for callers.
• api-change:mwaa: [botocore] Amazon MWAA now supports a PublicAndPrivate webserver access mode. The Airflow web server is accessible over both public and private endpoints, enabling workers in VPCs without internet access to reach the Task API privately while retaining public access to the Airflow UI.
• api-change:s3: [botocore] Validate outpost access point resource name
• api-change:sagemaker: [botocore] Amazon SageMaker HyperPod now returns ImageVersionStatus in DescribeCluster, DescribeClusterNode, and ListClusterNodes responses, indicating whether cluster instances are running the latest available image version.
• api-change:securityhub: [botocore] Release GenerateRecommendedPolicyV2 and GetRecommendedPolicyV2 APIs. This supports generating and retrieving policy recommendations to remediate unused permissions findings that are now being supported on Security Hub.

v1.43.4

Compare Source

======

• api-change:cleanroomsml: [botocore] Increase max configurable output limits in the Clean Rooms ML configured model algorithm association resource.
• api-change:cloudfront: [botocore] Adds support for tagging CloudFront Functions and KeyValueStores resources.
• api-change:marketplace-agreement: [botocore] With this release, Agreements API provides a programmatic way to generate quotes, accept offers, track charges and entitlements, manage renewals and cancellations, and streamline operations entirely through APIs without navigating to the AWS Marketplace website or AWS Management Console.
• api-change:mediatailor: [botocore] Added support for Monetization Functions. Monetization Functions let you enrich ad requests with external data and transform session parameters using JSONata expressions, without deploying custom infrastructure.
• api-change:medical-imaging: [botocore] Add support for DICOM Json Metadata Override features in startDICOMImportJob API
• api-change:opensearch: [botocore] Amazon OpenSearch Service now supports VPC egress, enabling outbound traffic from your OpenSearch domain to route privately through your VPC instead of the public internet.
• api-change:route53domains: [botocore] This release adds the TLDInMaintenance exception.
• api-change:sagemaker: [botocore] Adds support for ml.p5.4xlarge instance type for SageMaker Studio JupyterLab and CodeEditor apps for IAD (us-east-1), NRT (ap-northeast-1), BOM (ap-south-1), CGK (ap-southeast-3), GRU (sa-east-1), PDX (us-west-2), CMH (us-east-2).

v1.43.3

Compare Source

======

• api-change:bedrock-agentcore-control: [botocore] Amazon Bedrock AgentCore gateways now support MCP Sessions and response streaming from MCP targets. Session timeouts can be set between 15 minutes and 8 hours, and response streaming enables forwarding stream events sent by MCP targets to gateway users.
• api-change:ec2: [botocore] This feature allows customers to change the tunnel bandwidth on existing VPN connections using the ModifyVpnConnectionOptions API
• api-change:geo-routes: [botocore] Added support for TravelTimeExceedsDriverWorkHours, ViolatedBlockedRoad, and ViolatedVehicleRestriction notice codes to the CalculateRoutes API response.
• api-change:lex-models: [botocore] Lex V1 is deprecated, use Lex V2 instead
• api-change:logs: [botocore] Adding an additional optional deliverySourceConfiguration field to PutDeliverySource API. This enables customers to pass service-specific configurations through IngestionHub such as tracing enablement or sampling rates that will be propagated to the source resource.
• api-change:medialive: [botocore] Updates the type of the MediaLiveRouterOutputConnectionMap.
• api-change:securityagent: [botocore] AWS Security Agent is adding a new target domain verification method for private VPC penetration testing. Additionally, the target domain resource will now have a verification status reason field to surface additional details about domain verification
• api-change:vpc-lattice: [botocore] Amazon VPC Lattice now supports privately resolvable DNS resources

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • "on saturday"
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions]

Coverage report

This PR does not seem to contain any modification to coverable code.

[github-actions]

Diff for stage: DefaultStage

Diff for stack: GitHubOidcStack - 0 to add, 1 to update, 0 to destroy 🟡

Details

Resources
[~] Custom::AWSCDKOpenIdConnectProvider GitHubOidcProvider7EBF861F
 ├─ [~] CodeHash
 │   ├─ [-] 62fa02efcaa700e1c247e1d3cc2aa0cd07a0808a9a3e3d2230e51f57a02233fb
 │   └─ [+] d75c48c9f82cde63e9bf414df335e84e8ac24f11eb34889be255b702aec71e50
 └─ [~] RejectUnauthorized
[~] AWS::Lambda::Function CustomAWSCDKOpenIdConnectProviderCustomResourceProviderHandlerF2C543E0
 ├─ [~] Code
 │   └─ [~] .S3Key:
 │       ├─ [-] 62fa02efcaa700e1c247e1d3cc2aa0cd07a0808a9a3e3d2230e51f57a02233fb.zip
 │       └─ [+] d75c48c9f82cde63e9bf414df335e84e8ac24f11eb34889be255b702aec71e50.zip
 └─ [~] Metadata
     └─ [~] .aws:asset:path:
         ├─ [-] asset.62fa02efcaa700e1c247e1d3cc2aa0cd07a0808a9a3e3d2230e51f57a02233fb
         └─ [+] asset.d75c48c9f82cde63e9bf414df335e84e8ac24f11eb34889be255b702aec71e50

Diff for stack: Service-prod - 0 to add, 0 to update, 0 to destroy ✅

Details

Resources
[~] AWS::Lambda::Function AuthApiHandlerED50ACFA
 ├─ [~] Code
 │   └─ [~] .S3Key:
 │       ├─ [-] 1a8563d43abe9c719c01bef92ce3c067de37effdfccb361bb5cb8b9933030ca1.zip
 │       └─ [+] 77e260c0a357884b8d9374e8a8aaa646a02819f7d0a7efd90561d5d55fd55ee6.zip
 └─ [~] Metadata
     └─ [~] .aws:asset:path:
         ├─ [-] asset.1a8563d43abe9c719c01bef92ce3c067de37effdfccb361bb5cb8b9933030ca1
         └─ [+] asset.77e260c0a357884b8d9374e8a8aaa646a02819f7d0a7efd90561d5d55fd55ee6
[~] AWS::Lambda::Function TokenApiHandler2E66DB25
 ├─ [~] Code
 │   └─ [~] .S3Key:
 │       ├─ [-] 1a8563d43abe9c719c01bef92ce3c067de37effdfccb361bb5cb8b9933030ca1.zip
 │       └─ [+] 77e260c0a357884b8d9374e8a8aaa646a02819f7d0a7efd90561d5d55fd55ee6.zip
 └─ [~] Metadata
     └─ [~] .aws:asset:path:
         ├─ [-] asset.1a8563d43abe9c719c01bef92ce3c067de37effdfccb361bb5cb8b9933030ca1
         └─ [+] asset.77e260c0a357884b8d9374e8a8aaa646a02819f7d0a7efd90561d5d55fd55ee6
[~] AWS::Lambda::Function ProfileApiHandler9B65A298
 ├─ [~] Code
 │   └─ [~] .S3Key:
 │       ├─ [-] 1a8563d43abe9c719c01bef92ce3c067de37effdfccb361bb5cb8b9933030ca1.zip
 │       └─ [+] 77e260c0a357884b8d9374e8a8aaa646a02819f7d0a7efd90561d5d55fd55ee6.zip
 └─ [~] Metadata
     └─ [~] .aws:asset:path:
         ├─ [-] asset.1a8563d43abe9c719c01bef92ce3c067de37effdfccb361bb5cb8b9933030ca1
         └─ [+] asset.77e260c0a357884b8d9374e8a8aaa646a02819f7d0a7efd90561d5d55fd55ee6
[~] AWS::Lambda::Function ApiHandler5E7490E8
 ├─ [~] Code
 │   └─ [~] .S3Key:
 │       ├─ [-] 1a8563d43abe9c719c01bef92ce3c067de37effdfccb361bb5cb8b9933030ca1.zip
 │       └─ [+] 77e260c0a357884b8d9374e8a8aaa646a02819f7d0a7efd90561d5d55fd55ee6.zip
 └─ [~] Metadata
     └─ [~] .aws:asset:path:
         ├─ [-] asset.1a8563d43abe9c719c01bef92ce3c067de37effdfccb361bb5cb8b9933030ca1
         └─ [+] asset.77e260c0a357884b8d9374e8a8aaa646a02819f7d0a7efd90561d5d55fd55ee6
[~] AWS::Lambda::Function ChannelApiHandler02759D57
 ├─ [~] Code
 │   └─ [~] .S3Key:
 │       ├─ [-] fb24ea509f2c9602ffb81ed2122633bd69c6354af0a095e16717118652e32ab5.zip
 │       └─ [+] 7c5c320757b918ebfdbba6f57fde4ced37cbfe9ce72c5afc5ac076f548260c74.zip
 └─ [~] Metadata
     └─ [~] .aws:asset:path:
         ├─ [-] asset.fb24ea509f2c9602ffb81ed2122633bd69c6354af0a095e16717118652e32ab5
         └─ [+] asset.7c5c320757b918ebfdbba6f57fde4ced37cbfe9ce72c5afc5ac076f548260c74

No Changes for stack: Frontend-prod ✅
No Changes for stack: Monitoring-prod ✅

Generated for commit d862d05 at 2026-05-06T22:31:02.583Z