chore: bump software.amazon.awscdk:aws-cdk-lib from 2.221.1 to 2.222.0

[dependabot]

Bumps software.amazon.awscdk:aws-cdk-lib from 2.221.1 to 2.222.0.

Release notes

Sourced from software.amazon.awscdk:aws-cdk-lib's releases.

v2.222.0

⚠ BREAKING CHANGES

• bedrock-agentcore: The signature of RuntimeAuthorizerConfiguration.usingCognito() has changed to accept IUserPool and IUserPoolClient constructs instead of string parameters, and now supports multiple clients.

Features

• apigateway: add binaryMediaTypes property to SpecRestApi (#35502) (bf10d94), closes #35498
• apigatewayv2: WebSocketStage support accessLogSettings (#34766) (dad112e), closes #21935
• bedrock-agentcore: use IUserPool and IUserPoolClient interfaces instead of string identifiers (#35860) (a38afc9), closes #35854
• core: IEnvironmentAware interface to retrieve a construct's environment (#35817) (8ee5d4b)
• elasticloadbalancingv2: create security group settings for NLB by default (under feature flag) (#34675) (ff83cfd), closes #34606 aws/aws-cdk#34606
• events-targets: support Amazon Data Firehose target using Firehose's IDeliveryStream (#33798) (a374b6b), closes #33757 #33758
• kinesisfirehose: add built-in data processors to decompress CloudWatch logs and extract messages (#33749) (5dec21e), closes #33691 #20242 aws/aws-cdk#33691
• lambda: add Java25 runtime for Lambda (#35867) (db71fac)
• lambda: add Python 3.14 runtime for Lambda (#35869) (ebef303)
• memory: add agentcore memory l2 construct (#35757) (6a2e17e)
• msk: support Express brokers (#34741) (0a69e5f), closes #32923

Bug Fixes

• agentcore: addToRolePolicy for runtime with imported role destroys and recreates policies on every deployment (#35842) (92525e4), closes #35844 40aws-cdk/aws-bedrock-agentcore-alpha/agentcore/runtime/runtime-base.ts#L253
• agentcore: custom execution role policy for runtime lacks proper permissions (#35849) (ee94b63), closes #35852 40aws-cdk/aws-bedrock-agentcore-alpha/agentcore/runtime/runtime-artifact.ts#L65 40aws-cdk/aws-bedrock-agentcore-alpha/agentcore/runtime/runtime.ts#L252-L259 /github.com/aws/aws-cdk/blob/v2.221.0/packages/aws-cdk-lib/aws-codepipeline/lib/pipeline.ts#L693 /github.com/aws/aws-cdk/blob/v2.221.0/packages/aws-cdk-lib/aws-lambda/lib/function.ts#L1468 /github.com/aws/aws-cdk/blob/v2.221.0/packages/aws-cdk-lib/aws-ecs/lib/base/base-service.ts#L1161
• dynamodb: addToResourcePolicy has no effect (#35554) (94d7e34), closes #35062
• ecs: remove empty CfnClusterCapacityProviderAssociations resource (#35783) (c8a131b), closes #35699 #35742
• iam: cannot grant lambda:InvokeFunction on ManagedPolicy or Policy via grantInvoke() method (#32984) (a07d75a), closes #32980 aws/aws-cdk#32984
• compilation failure in Go (#35871) (5e4f603), closes aws/aws-cdk#35770 #35862
• ec2: remove PassRole policy emitted by cloudwatch vpc flow destination (#35762) (c4b80df), closes #35729

---

Alpha modules (2.222.0-alpha.0)

Features

• eks-v2-alpha: eks-v2-alpha is now in developer preview (#35801) (32afc0f)

Bug Fixes

• bedrock-alpha: apply permission dependency to existing and non-existing roles (#35123) (b39ccf3), closes #35120
• eks-v2-alpha: remove hyphen from Go package name (#35927) (2cdfc8a)

Changelog

Sourced from software.amazon.awscdk:aws-cdk-lib's changelog.

Changelog

All notable changes to this project will be documented in this file. See standard-version for commit guidelines.

2.222.0-alpha.0 (2025-11-04)

Features

• eks-v2-alpha: eks-v2-alpha is now in developer preview (#35801) (32afc0f)

Bug Fixes

• bedrock-alpha: apply permission dependency to existing and non-existing roles (#35123) (b39ccf3), closes #35120
• eks-v2-alpha: remove hyphen from Go package name (#35927) (2cdfc8a)

2.221.1-alpha.0 (2025-10-29)

2.221.0-alpha.0 (2025-10-24)

Features

• msk-alpha: support Kafka 4.1 (#35759) (67539de)

Bug Fixes

• elasticache-alpha: cannot import Redis 7 serverless cache (#35629) (2bde1a0)

2.220.0-alpha.0 (2025-10-14)

Bug Fixes

• amplify-alpha: handle empty customResponseHeaders array (#35700) (57f9068), closes #35693

2.219.0-alpha.0 (2025-10-01)

2.218.0-alpha.0 (2025-09-29)

• elasticache-alpha: implement Serverless ElastiCache L2 Construct (#35424) (0e08c8c)

2.217.0-alpha.0 (2025-09-25)

2.216.0-alpha.0 (2025-09-22)

2.215.0-alpha.0 (2025-09-15)

Bug Fixes

... (truncated)

Commits

• 184b345 chore(release): 2.222.0 (#35939)
• b4d0a62 chore(release): update changelog
• cfc74ed chore: update analytics metadata blueprints
• 1ee40ad chore(release): 2.222.0
• dad112e feat(apigatewayv2): WebSocketStage support accessLogSettings (#34766)
• f618638 chore: fix Python TypeError: Cannot create a consistent method resolution ord...
• 2cdfc8a fix(eks-v2-alpha): remove hyphen from Go package name (#35927)
• de261c0 chore: update Contributors File (#35915)
• ee94b63 fix(agentcore): custom execution role policy for runtime lacks proper permiss...
• ebef303 feat(lambda): add Python 3.14 runtime for Lambda (#35869)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud