Update dependency moto to v5

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
moto (changelog)	==4.2.6 -> ==5.0.28

---

Release Notes

getmoto/moto (moto)

v5.0.28

Compare Source

Docker Digest for 5.0.28: sha256:d3532929e4c498334949a014e9f0af6617ec1e89d92be690cd192fa3354ad7e6

* General:
    * Bootstrapping a CDK project is now supported

* New Services:
    * S3 Tables:
        * create_namespace()
        * create_table()
        * create_table_bucket()
        * delete_namespace()
        * delete_table()
        * delete_table_bucket()
        * get_metadata_location()
        * get_table()
        * get_table_bucket()
        * list_namespaces()
        * list_table_buckets()
        * list_tables()
        * rename_table()
        * update_metadata_location()

* Miscellaneous:
    * DynamoDB: delete_item() now returns ConsumedCapacity
    * DynamoDB: transact_write_items() now returns a ReturnValuesOnConditionCheckFailure for all operations
    * ECR: Lifecycle Policies() now support the tagPatternList-parameter
    * S3: get_object() now returns the ETag when returning a 304 (Not Modified)
    * SecretsManager: get_secret_value() no longer throws an error after calling rotate_secret(RotateImmediately=False)
    * SecretsManager: list_secrets() now filters values with special chars correctly
    * Organizations: list_roots() now returns the roots of the parent organization, if called from within a child organization

v5.0.27

Compare Source

Docker Digest for 5.0.27: sha256:ac5312f68c6b748b667526025f9e7a8c2e4112837c258eee68f96fa36d9dbbef

New Methods:
    * Glue:
        * create_dev_endpoint()
        * get_dev_endpoint()
        * get_dev_endpoints()

    * KMS:
        * generate_mac()
        * list_key_rotations()
        * rotate_key_on_demand()
        * verify_mac()

    * SES:
        * delete_configuration_set()
        * list_configuration_sets()

    * SESv2:
        * create_configuration_set()
        * create_dedicated_ip_pool()
        * delete_configuration_set()
        * delete_dedicated_ip_pool()
        * get_configuration_set()
        * get_dedicated_ip_pool()
        * list_configuration_sets()
        * list_dedicated_ip_pools()

Miscellaneous:
    * Introduced a new setting for ServerMode, `MOTO_DISABLE_GLOBAL_CORS`. Disabling the global CORS setting makes it possible to test the CORS-policies on S3 buckets
    * ElastiCache: create_user() now supports the AuthenticationMode-parameter
    * ElasticSearch/OpenSearch: list_domain_names() now returns domains from both services
    * Kafka: list_clusters_v2() now returns all parameters
    * Scheduler: The `schedule_expression_timezone` now defaults to UTC
    * RDS: create_db_instance() now throws an exception if an instance with that ID already exists
    * RDS: restore_db_instance_from_db_snapshot() now throws an exception if an instance with that ID already exists

v5.0.26

Compare Source

Docker Digest for 5.0.26: sha256:1cae28be97cc87151ecabb531d1507b8dd3d52d3636b86143a16cccf4b5fcf43

New Services:
    * Kinesis:
        * delete_resource_policy()
        * get_resource_policy()
        * put_resource_policy()

Miscellaneous:
    * DynamoDB: transact_write_items() now validates empty ExpressionAttributeValues
    * Logs: describe_log_groups() now returns the logStreamArn-property
    * Organizations now has additional validation around creation and deletion of organizations and accounts
    * SecretsManager: list_secrets() now properly splits words when filtering
    * StepFunctions: describe_state_machine() now takes Version ARN's
    * StepFunctions: describe_state_machine() now returns the versionDescription

v5.0.25

Compare Source

Docker Digest for 5.0.25: sha256:1ac2d89ce8c79a6cdfebffb37678a5bd8bb54a39dcbced069f6ac5e29e4cc752

New Services:
    * DSQL:
        * create_cluster()
        * get_cluster()

Miscellaneous:
    * IOTData: update_thing_shadow() now better calculates the delta between the desired and reported values
    * S3: select_object_content() now returns the proper Stats (BytesScanned, BytesReturned)
    * StepFunctions: Various upgrades for the emulated parser

v5.0.24

Compare Source

Docker Digest for 5.0.24: sha256:68042b17e9a55c7a32347f802b7a02f2793201b4f1c788ca0e85084f5218c233

Miscellaneous:
    * EC2: Terminating instances will now release private ip addresses from the NIC's attached to the interface
    * S3: Fixes a bug in complete_multipart_upload() where it was no longer possible to overwrite an earlier multipart upload (Broken in 5.0.23)
    * S3: get_object_cors() now correctly returns the ExposeHeader-value

v5.0.23

Compare Source

Docker Digest for 5.0.23: sha256:d41e007bb1f7d41b530959ae9cbed1edf42737ee839faf8da7e925bf19f63105

New Services:
    * Kafka:
        * create_cluster()
        * create_cluster_v2()
        * describe_cluster()
        * describe_cluster_v2()
        * delete_cluster()
        * list_clusters()
        * list_clusters_v2()
        * list_tags_for_resource()
        * tag_resource()
        * untag_resource()

New Methods:
    * DirectConnect:
        * associate_mac_sec_key()
        * create_lag()
        * describe_lags()
        * describe_settings()
        * disassociate_mac_sec_key()
        * update_settings()

    * EFS:
        * describe_file_system_policy()
        * put_file_system_policy()

    * ES:
        * describe_elasticsearch_domains()

    * OpenSearch:
        * describe_domains()

Miscellaneous:
    * Athena: list_query_executions() now supports the WorkGroup-parameter
    * Athena: start_query_execution() now supports the WorkGroup-parameter
    * CloudFormation: AWS::IAM::Role now supports updates
    * CognitoIDP: list_users() now correctly filters before applying the Limit
    * DirectConnect: describe_trusts() no longer requires a DirectoryId-parameter
    * DynamoDB: The DeleteProtectionEnabled can now be disabled
    * DynamoDB: update_item() can now return list of binaries
    * EC2: SecurityGroups now contain a SecurityGroupArn
    * EC2: update_route() now correctly handles DestinationPrefixListId
    * KMS: get_public_key() now supports passing in aliases
    * Lambda: publish_function() now publishes a function even if the updated code hasn't changed
    * MemoryDB: tag_resource/list_tags_for_resource() now supports Snapshots and SubnetGroups
    * RDS: copy_db_snapshot() now supports the CopyTags-parameter
    * RDS: copy_db_snapshot() now accepts ARN's as the SourceSnapshotIdentifier
    * RDS: restore_db_instance_from_db_snapshot() now accepts ARN's as the SourceSnapshotIdentifier
    * S3: complete_multipart_upload() now supports IfNoneMatch-parameter

v5.0.22

Compare Source

Docker Digest for 5.0.22: sha256:a51561b8b9d94918788cb89799d37a34c4bcdf4669f081014b3a2df6b4fc0a11

Miscellaneous:
    * DS: enable_ldaps() is now supported for 'ADConnector' directory types
    * EC2: Resource identifiers are now 17 characters long, up from 8, in-line with the values that AWS returns
    * ECS: create_service() now supports and validates the networkConfiguration-parameter
    * ELBv2: register_targets() now validates that instances are running
    * IOTData: update_thing_shadow() now properly handles complex nested deltas
    * MediaLive: list_channels() and list_inputs() now support pagination
    * OpenSearch: create_domain() now returns the EngineVersion in the correct format
    * ResourceGroupsTaggingAPI: get_resources() now returns secrets from SecretsManager
    * S3: put_object_acl() now sends an EventBridge-notification
    * SecretsManager: list_secrets() no longer shows deleted secrets unless the `include_planned_deletion`-parameter is set
    * WAFv2: list_ip_sets(), list_logging_configurations(), list_rule_groups(), list_tags_for_resource(), list_web_acls() now all support pagination

v5.0.21

Compare Source

Docker Digest for 5.0.21: sha256:9ba3753fddbe2445667a1261a04dc92e75d9c329a1f2d0610f1dd8bb1c4f4eca

New Methods:
    * IOT:
        * create_job_template()
        * create_role_alias()
        * delete_job_template()
        * delete_role_alias()
        * describe_job_template()
        * describe_role_alias()
        * get_indexing_configuration()
        * list_job_templates()
        * list_role_aliases()
        * update_indexing_configuration()
        * update_role_alias()

Miscellaneous:
    * Batch: list_jobs() now supports the arrayJobId-parameter
    * CloudFormation now supports the types AWS::IoT::JobTemplate, AWS::IoT::RoleAlias
    * DynamoDB: ProjectionExpressions are now validated for duplicate values
    * DynamoDB: scan() now supports parallelization using the Segment/TotalSegments parameters
    * DynamoDB: update_item() now validates when an ADD/DELETE occurs on the same set
    * EC2: create_fleet() now correctly handles Overrides with a single value
    * ECR: list_images() now lists images with multiple tags separately
    * IOT: create_job() now supports the parameters abortConfig, jobExecutionsRetryConfig, schedulingConfig, timeoutConfig
    * S3: get_object_attributes() no longer throws an error for Glacier objects

v5.0.20

Compare Source

Docker Digest for 5.0.20: sha256:a1041f318c56ed341c70541647b256d40dae776ce654ca4db9d27d94600542a1

Miscellaneous:
    * Removed runtime-dependency on `typing_extensions`

v5.0.19

Compare Source

Docker Digest for 5.0.19: sha256:5d857d7ce17a9b1dadea166d8e0d310771983f026334a555a9d2690a370cf904

New Methods:
    * ELBv2:
        * describe_listener_attributes()
        * modify_listener_attributes()

    * Panorama:
        * create_application_instance()
        * describe_application_instance()
        * describe_application_instance_details()
        * list_application_instances()

    * WAFv2:
        * create_rule_group()
        * delete_rule_group()
        * get_rule_group()
        * update_rule_group()

Miscellaneous:
    * CloudFormation now supports the types AWS::IoT::Thing, AWS::IoT::ThingType, AWS::IoT::Policy
    * EC2: Key Pairs now use the correct algorithm to calculate the fingerprint
    * ELBv2: modify_lb_attr() now supports zonal-shift config
    * ECS: create_task_set() now actually creates tasks
    * Lambda: The MOTO_DOCKER_LAMBDA_IMAGE config option now accepts full image names, including the tag
    * Lambda: Events send to DynamoDB now have the correct eventName
    * Organizations: describe_organization() now describes the parent account (if applicable)
    * WAFv2: create_web_acl() now supports additional parameters (AssociationConfig, CaptchaConfig, ChallengeConfig, CustomResponseBodies, TokenDomains)
    * WAFv2: delete_web_acl() now supports the LockToken-parameter
    * WAFv2: update_web_acl() now supports additional parameters (LockToken, AssociationConfig, CaptchaConfig, ChallengeConfig, CustomResponseBodies, TokenDomains)

v5.0.18

Compare Source

Docker Digest for 5.0.18: sha256:62423941446f8863f499ebdfd04c1d1743b5afd84c3837799df7ce08ce3bb750

New Methods:
    * RDS:
        * delete_db_proxy()
        * deregister_db_proxy_targets()
        * describe_db_proxy_target_groups()
        * describe_db_proxy_targets()
        * modify_db_proxy_target_group()
        * register_db_proxy_targets()

Miscellaneous:
    * CloudFormation: create_change_set() now supports the UsePreviousTemplate-parameter
    * CognitoIDP: MFA-related features (like AssociateSoftwareToken) now also work with non-Python SDK's
    * ECS: update_service() now correctly sets the createdAt/updatedAt values when forceNewDeployment=True
    * ELBv2: remove_tags() now throws a ResourceNotFound Exception

v5.0.17

Compare Source

Docker Digest for 5.0.17: sha256:39372432cb24ab46211ca45648ca787e104589070b0d0a13ea0d73c6eb550079

New Methods:
    * CloudFront:
        * create_key_group()
        * create_public_key()
        * delete_public_key()
        * get_key_group()
        * get_public_key()
        * list_key_groups()
        * list_public_keys()

    * QuickSight:
        * list_user_groups()
        * search_groups()
        * update_user()

    * Workspaces Web:
        * list_tags_for_resource()
        * tag_resource()
        * untag_resource()

Miscellaneous:
    * APIGateway: get_api_keys()/get_usage_plan_keys() now support the nameQuery param
    * AppSync: create_graphql_api() now supports the visibility-parameter
    * DynamoDB: delete_item() now returns the item when a ConditionalCheckFailed is thrown and ReturnValuesOnConditionCheckFailure == ALL_OLD
    * QuickSight: Users can now have special characters in their name
    * QuickSight: list_group_memberships() now supports pagination
    * QuickSight: list_groups() now supports pagination
    * QuickSight: list_users() now supports pagination
    * SageMaker: search() now also supports ModelPackages/Pipelines/Jobs/Executions
    * SecretsManager: delete_secret() now allows force deletion of already marked-for-delete secret
    * StepFunctions: create_state_machine() now supports the parameters encryptionConfiguration, tracingConfiguration, loggingConfiguration

v5.0.16

Compare Source

Docker Digest for 5.0.16: sha256:9506ad3448a87082a436533855c61afaf3f1869e73f39f6575917db975569908

New Services:
    * OpenSearch Ingestion Service:
        * create_pipeline()
        * delete_pipeline()
        * get_pipeline()
        * list_pipelines()
        * list_tags_for_resource()
        * start_pipeline()
        * stop_pipeline()
        * tag_resource()
        * untag_resource()
        * update_pipeline()

New Methods:
    * CloudFront:
        * get_invalidation()

    * Directory Service:
        * create_trust()
        * delete_trust()
        * describe_ldaps_settings()
        * describe_trusts()
        * disable_ldaps()
        * enable_ldaps()

    * EC2: 
        * modify_ebs_default_kms_key_id()

Miscellaneous:
    * CloudFormation: AWS::ECS::TaskDefinition now correctly validates the provided memory parameters
    * EC2: create_network_acl_entry() now supports the Ipv6CidrBlock-parameter 
    * EC2: create_tags() now takes existing tags into account before throwing a TagLimitExceeded-exception
    * Firehose: put_record_batch() no longer fails when the SnowflakeDestinationConfiguration-parameter is set
    * FSx: The FileSystemID now uses the same pattern as AWS (fs-xxxxxxxx)
    * GuardDuty: create_detector() now supports the Features-parameter
    * Polly has been updated with the latest voices
    * RDS: modify_option_groups() now correctly parses OptionsToInclude
    * ResourceGroupsTaggingAPI: get_resources() now supports EC2 NAT Gateways, route tables, subnets
    * Scheduler: create_chedule() now validates the start_date-parameter for recurrent schedule expressions
    * SNS: publish() and publish_batch now support MessageStructure=json
    * WAFv2: associate_web_acl() now allows any resource to be associated

v5.0.15

Compare Source

Docker Digest for 5.0.15: sha256:9d78f63668017ca6eb9bdb415418d8077e1e503a1e81edb4657f93cf7ff34be1

New Services:
    * MemoryDB:
        * create_cluster()
        * create_snapshot()
        * create_subnet_group()
        * delete_cluster()
        * delete_snapshot()
        * delete_subnet_group()
        * describe_clusters()
        * describe_snapshots()
        * describe_subnet_groups()
        * list_tags()
        * tag_resource()
        * untag_resource()
        * update_cluster()

    * WorkspacesWeb:
        * associate_browser_settings()
        * associate_network_settings()
        * associate_user_access_logging_settings()
        * associate_user_settings()
        * create_browser_settings()
        * create_network_settings()
        * create_portal()
        * create_user_access_logging_settings()
        * create_user_settings()
        * delete_browser_settings()
        * delete_network_settings()
        * delete_portal()
        * delete_user_access_logging_settings()
        * delete_user_settings()
        * get_browser_settings()
        * get_network_settings()
        * get_portal()
        * get_user_access_logging_settings()
        * get_user_settings()
        * list_browser_settings()
        * list_network_settings()
        * list_portals()
        * list_user_access_logging_settings()
        * list_user_settings()

New Methods:
    * ApiGateway:
        * get_account()
        * update_account()

    * AppSync:
        * create_api_cache()
        * delete_api_cache()
        * get_api_cache()

Miscellaneous:
    * DynamoDB: get/delete/update_item() now validates all provided keys exist
    * Firehose: create_delivery_stream() now supports the SnowflakeDestinationConfiguration-parameter
    * S3: put_object() now support conditional writes

v5.0.14

Compare Source

Docker Digest for 5.0.14: sha256:5399ffa0daadd1eb6c00250ec64453675f9635d0a210563f43c26b43e0dfd178

General:
    * All JSON files in the binary distribution are shipped compressed, significantly reducing the size on disk

New Services:
    * Shield:
        * create_subscription()
        * describe_subscription()

    * TimestreamQuery:
        * create_scheduled_query()
        * delete_scheduled_query()
        * describe_endpoints()
        * describe_scheduled_query()
        * query()
        * update_scheduled_query()

New Methods:
    * AppMesh:
        * create_virtual_node()
        * delete_virtual_node()
        * describe_virtual_node()
        * list_virtual_nodes()
        * update_virtual_node()
        * create_virtual_router()
        * delete_virtual_router()
        * describe_virtual_router()
        * list_virtual_routers()
        * update_virtual_router()
        * create_route()
        * delete_route()
        * describe_route()
        * list_routes()
        * update_route()

Miscellaneous:
    * CloudFormation templates now support the Fn::Base64-function
    * CognitoIDP: Enhanced support for MFA flows/challenges
    * DynamoDB: update_item() now validates empty string sets
    * EC2: describe_snapshots() now supports the kms-key-id filter
    * EC2: run_instances() now supports the parameter Ipv6AddressCount
    * ECS: Tasks can now be created with unknown security groups
    * IAM: generate_credentials_report() now shows active certificates
    * KMS: sign() now supports Alias ARNs
    * Route53: list_resource_record_sets() now validates record names
    * S3: create_bucket() now has additional LocationConstraint-validation
    * S3: delete_objects() now respects BucketPolicy and ObjectLocks
    * S3: head_object() now handles Range-parameter correctly
    * SageMaker: search() now supports the CONTAINS filter
    * Sagemaker Runtime: invoke_endpoint_async() now supports failure responses
    * SNS: Signature of HTTP Messages are now valid
    * SSM: get_maintenance_window() now returns an exception if the window does not exist
    * SQS: delete_message_batch() now validates there's at least one entry

v5.0.13

Compare Source

Docker Digest for 5.0.13: sha256:de97faba597d8f1bfb4dab1c7d562e1997ac5e0ba1186c4392430650b0f6bd4e

General:
    * Support for Python 3.13
    * Moto now supports whitelisting which services can be used

New Services:
    * AppMesh:
        * create_mesh()
        * delete_mesh()
        * describe_mesh()
        * list_meshes()
        * list_tags_for_resource()
        * tag_resource()
        * update_mesh()

    * Transfer:
        * create_server()
        * create_user()
        * delete_server()
        * delete_ssh_public_key()
        * delete_user()
        * describe_server()
        * describe_user()
        * import_ssh_public_key()

New Methods:
    * Athena:
        * delete_work_group()

    * CodeBuild:
        * batch_get_projects()

    * DynamoDB:
        * delete_resource_policy()
        * get_resource_policy()
        * put_resource_policy()

    * EMR:
        * get_block_public_access_configuration()
        * put_block_public_access_configuration()

    * QLDB:
        * create_ledger()
        * delete_ledger()
        * describe_ledger()
        * list_tags_for_resource()
        * tag_resource()
        * update_ledger()

    * SageMaker:
        * create_data_quality_job_definition()
        * create_model_bias_job_definition()
        * create_model_card()
        * delete_data_quality_job_definition()
        * delete_model_bias_job_definition()
        * delete_model_card()
        * describe_data_quality_job_definition()
        * describe_model_bias_job_definition()
        * describe_model_card()
        * list_data_quality_job_definitions()
        * list_model_bias_job_definitions()
        * list_model_cards()
        * list_model_card_versions()

Miscellaneous:
    * ACM-PCA: create_certificate_authority() now uses the provided Subject
    * Athena: The default work group now has the correct configuration
    * ApplicationAutoscaling - put_scheduled_action() now allows multiple actions per Namespace/Dimension/Id
    * Autoscaling: update_group() now validates that the Group exists
    * Batch: now supports parameters in Job commands
    * CloudFormation: create_change_set() now validates the provided ChangeSetName
    * CloudFormation: describe_stacks() now returns export names in the Outputs
    * CloudFormation: AWS::Events::Rule's now also creates/deletes Targets 
    * CloudWatch: get_metric_data() now returns everything when querying for Metric Insights Queries
    * CodeBuild: create_project() now supports the parameter description, tags, cache, timeoutInMinutes, queuedTimeoutInMinutes, sourceVersion, logsConfig and vpcConfig
    * CognitoIDP: sign_up() now returns CodeDeliveryDetails
    * DynamoDB: export_table_to_point_in_time() now exports data in correct format
    * DynamoDB: update_item() now validates an empty ExpressionAttributeValues and UpdateExpression
    * DynamoDB: All applicable methods that accept a TableName-parameter now also accept the ARN of the table
    * EC2: describe_security_group_rules() now correctly exposes rules with duplicate port/protocol values
    * EC2: Terminating an instance now also terminates any NIC's
    * EventBridge: create_connection() now creates a KMS Secret
    * EventBridge: Messages are now formatted using the InputTemplate, if provided
    * KMS: describe_key() now exposes the MultiRegionConfiguration-attribute
    * Organizations: create_account() now comes preconfigured with an IAM role
    * RDS: update_db_instance() now supports the CloudwatchLogsExportConfiguration-parameter
    * ResourceGroupsTagging API now supports additional SageMaker resources
      (CompilationJobs, Domains, ModelExplainabilityJobDefinition, ModelQualityJobDefinition, HyperParameterTuningJob)
    * S3: copy_object() now respects the CopySourceIfNoneMatch-parameter
    * SageMaker: search() now supports ModelPackageGroups
    * StepFunctions now has improved JSONPath support
    * StepFunctions now supports MaxItem/MaxItemPath/MaxConcurrencyPath
    * StepFunctions now supports MaxAttempts with value 0

v5.0.12

Compare Source

Docker Digest for 5.0.12: sha256:e1bde8f908f2fdf0878c8e4398561badd016b51b4d9fd8dcb9f4daef936a4427

General:
    * The MotoProxy can now be run on Windows

New Services:
    * DirectConnect:
        * create_connection()
        * delete_connection()
        * describe_connections()
        * update_connection()

    * DynamoDB:
        * describe_export()
        * export_table_to_point_in_time()
        * list_export()

    * NetworkManager:
        * create_device()
        * create_link()
        * create_link()
        * delete_device()
        * delete_link()
        * delete_site()
        * get_devices()
        * get_links()
        * get_sites()
        * list_tags_for_resource()

    * SageMaker:
        * list_endpoints()
        * list_endpoint_configs()
        * create_auto_ml_job_v2()
        * describe_auto_ml_job_v2()
        * list_auto_ml_jobs()
        * stop_auto_ml_job()
        * create_compilation_job()
        * describe_compilation_job()
        * list_compilation_jobs()
        * delete_compilation_job()
        * create_domain()
        * describe_domain()
        * list_domains()
        * delete_domain()
        * create_model_explainability_job_definition()
        * describe_model_explainability_job_definition()
        * list_model_explainability_job_definitions()
        * delete_model_explainability_job_definition()
        * create_hyper_parameter_tuning_job()
        * describe_hyper_parameter_tuning_job()
        * list_hyper_parameter_tuning_jobs()
        * delete_hyper_parameter_tuning_job()
        * create_model_quality_job_definition()
        * describe_model_quality_job_definition()
        * list_model_quality_job_definitions()
        * delete_model_quality_job_definition()

    * Route53:
        * list_tags_for_resource()

Miscellaneous:
    * ACM: export_certificate() now only allows exporting private certificates
    * ACM: DomainValidationOptions now have SUCCESS-status, fixing the `certificate_validated` waiter
    * Athena: QueryResults are now stored in S3
    * CloudFormation: update_stack() now persists the new parameters provided
    * CloudFormation: update_stack() now understands UsePreviousValue=False
    * CloudFormation: update_stack() now throws an exception when using UsePreviousValue=True and a new parameter value
    * CloudFormation: update_stack() is now able to update resources where only the parameters have changed
    * CloudFormation: AWS::S3::Bucket resources will now create/update Tags
    * CloudFormation: AWS::S3::Bucket resources are no longer recreated for every update
    * CognitoIDP: initiate_auth() now supports USERNAME_PASSWORD_AUTH and SMS/Software Token MFA
    * CognitoIDP: initiate_auth() now returns th email in the ID-token claims
    * DynamoDB: query() now sorts the results correctly when querying GSI data with identical hash keys 
    * EC2: describe_security_group_rules() now enumerates multiple rules correctly
    * EC2: run_instances() can now use $Default or $Latest launch template version
    * Events: list_targets_by_rule() now supports pagination
    * EventBridge Scheduler - get_schedule() now returns the ActionAfterCompletion
    * Firehose: create_delivery_stream() now creates S3 files with the correct filename if no prefix is provided
    * IOT: Certificates hashes can now be computed using the DER encoding, per the AWS spec
           This is an opt-in behaviour, and can be enabled with the following configuration:
           @​mock_aws(config={"iot": {"use_valid_cert": True}})
    * ResourceGroupsTaggingAPI: tag_resources() now supports SageMaker resources
    * S3: head_object()/get_object() now support the PartNumber-argument
    * S3: put_object() now correctly enforces the BucketPolicy when creating new objects
    * SESv2: send_email() now returns the MessageId

v5.0.11

Compare Source

Docker Digest for 5.0.11: sha256:438f7fbb5fa1dff2cf0887c59466ff78bed5aaca9ea7b5cf54d6a41fc2418e28

New Methods:
    * ServiceDiscovery:
        * deregister_instance()
        * discover_instances()
        * discover_instances_revision()
        * get_instance()
        * get_instances_health_status()
        * list_instances()
        * register_instance()
        * update_http_namespace()
        * update_instance_custom_health_status()

Miscellaneous:
    * DynamoDB: transact_write_items() no longer throws a ValidationException when passing multiple set actions, only when passing multiple set clauses
    * DynamoDB: transact_write_items() no longer throws an Exception when ExpressionAttributeNames are not provided
      (Both bugs were introduced in 5.0.10)

    * IOT-data: update_thing_shadow() now calculates the delta correctly
    * ResourceGroupsTagging: get_resources() now supports EFS resources

v5.0.10

Compare Source

Docker Digest for 5.0.10: sha256:bfb9cd2a437fc7c754b3a6a66b7fb528ec1a53e0c683e8b75514bff81543cf55

General:
    * CloudFormation now supports cfn-lint v1, as well as v0

New Services:

    * FSX:
        * create_file_system()
        * delete_file_system()
        * describe_file_systems()
        * tag_resource()
        * untag_resource()

    * OpenSearch Serverless:
        * batch_get_collection()
        * create_collection()
        * create_security_policy()
        * create_vpc_endpoint()
        * delete_collection()
        * get_security_policy()
        * list_collections()
        * list_security_policies()
        * list_tags_for_resource()
        * tag_resource()
        * untag_resource()
        * update_security_policy()

    * Shield:
        * create_protection()
        * delete_protection()
        * describe_protection()
        * list_protections()
        * list_tags_for_resource()
        * tag_resource()
        * untag_resource()

New Methods:
    * Sagemaker:
        * create_cluster()
        * delete_cluster()
        * describe_cluster()
        * list_clusters()
        * list_cluster_nodes()

Miscellaneous:
    * CognitoIDP: admin_list_groups_by_user() now supports pagination
    * DynamoDB: transact_write_items() now validates the number of SET expressions
    * DynamoDB: update_item() now validates unused ExpressionAttributeValues
    * DynamoDB: query() now supports pagination when querying Global Indexes
    * EC2: describe_images() - feat: support filtering images by ExecutableUsers=['self']
    * EC2: describe_route_tables() now supports the filter `route.transit-gateway-id`
    * EC2: update_security_group_rule_descriptions_ingress() now supports updating multiple descriptions
    * EKS: create_nodegroup() now supports the `taints`-parameter
    * ELBv2: add_listener_certificates() now validates when adding too many certificates (> 25)
    * ELBv2: describe_target_health() now handles unknown/deregistered/terminated instances better
    * ResourceGroupsTaggingAPI: get_resources() now supports ResourceType=s3:bucket
    * RDS: Clusters now have the `creating`-status on create, and `available` immediately after - in line with AWS
    * SSM: get_parameter() now supports ARN's for the Name-parameter

v5.0.9

Compare Source

Docker Digest for 5.0.9: sha256:df61e4e76344017f6c82924a3dd1cdd4dcbac4095cf234c6d6fb0a0f800fbeff

General:
    * Fixed an InfiniteRecursion-bug when accessing S3-buckets that was introduced in 5.0.8

New Methods:
    * SSO-Admin:
        * list_accounts_for_provisioned_permission_set()
        * list_instances()
        * list_permission_sets_provisioned_to_account()
        * provision_permission_set()
        * update_instance()

Miscellaneous:
    * DynamoDB: query() now handles pagination correctly on a GSI without a range key
    * IAM: create_policy() now returns tags correctly
    * S3: list_objects(): The default value for MaxKeys can now be configured, using an environment variable:
      MOTO_S3_DEFAULT_MAX_KEYS=1

v5.0.8

Compare Source

Docker Digest for 5.0.8: sha256:cfcd97074011bd563cdbeebac35ed710581a23cb2be07ab9b67aa00298fc3369

General:
    * Improved support for non-generic partitions (China, GovCloud, ISO-regions). 
      All ARN's now contain the correct partition for resources created in those regions.

New Services:
    * NetworkManager:
        * create_global_network()
        * describe_global_networks()
        * create_core_network()
        * create_global_network()
        * delete_core_network()
        * list_core_networks()
        * get_core_network()
        * tag_resource()
        * untag_resource()

Miscellaneous:
    * ResilienceHub: list_app_assessments() can now return pre-configured results
    * ResourceGroupTagging: get_resources() now returns results when filtering on "lambda:function"
    * S3: delete_object_tagging()/put_object_tagging() now send an EventBridge notification

v5.0.7

Compare Source

Docker Digest for 5.0.7: sha256:81ac52ff74b0bf0f4957ee4260e6a7e75d66c9e5d040ed4f721a5500b873c88a

New Services:
    * Sagemaker Metrics:
        * batch_put_metrics()

New Methods:
    * DynamoDB:
        * describe_import()
        * import_table()

    * EMR Serverless:
        * cancel_job_run()
        * get_job_run()
        * list_job_runs()
        * start_job_run()

    * IAM:
        * tag_instance_profile()
        * untag_instance_profile()

    * Panorama:
        * create_node_from_template_job()
        * describe_node_from_template_job()
        * list_nodes()

    * SSO-Admin:
        * describe_account_assignment_creation_status()
        * describe_account_assignment_deletion_status()

    * WAFv2:
        * create_ip_set()
        * delete_ip_set()
        * list_ip_sets()
        * get_ip_set()
        * update_ip_set()
        * put_logging_configuration()
        * get_logging_configuration()
        * list_logging_configurations()
        * delete_logging_configuration()

Miscellaneous:
    * Athena: start_query_execution() now supports the ExecutionParameters-parameter
    * DynamoDB: Tables now support DeleteProtection
    * DynamoDB: update_item() no longer throws an error when deleting an item from an empty set
    * DynamoDB: update_item() no throws an error when adding an empty set
    * EC2: delete_network_acl() now throws an error when the ACL still has associations attached to it
    * EC2: describe_route_tables() now supports the `route.nat-gateway-id` filter
    * EC2: revoke_security_group_ingress/_egress() now throw an error when an unknown Security Group is passed

v5.0.6

Compare Source

Docker Digest for 5.0.6: sha256:da919d3c1db07b378c413ed00a6c1c3e32ce1943a13671658c4db0f55dd49e42

New Services:
    * Bedrock:
        * create_model_customization_job()
        * delete_custom_model()
        * delete_model_invocation_logging_configuration()
        * get_custom_model()
        * get_model_customization_job()
        * get_model_invocation_logging_configuration()
        * list_custom_models()
        * list_model_customization_jobs()
        * list_tags_for_resource()
        * put_model_invocation_logging_configuration()
        * stop_model_customization_job()
        * tag_resource()
        * untag_resource()

    * BedrockAgent:
        * create_agent()
        * create_knowledge_base()
        * delete_agent()
        * delete_knowledge_base()
        * get_agent()
        * get_knowledge_base()
        * list_agents()
        * list_knowledge_bases()
        * list_tags_for_resource()
        * tag_resource()
        * untag_resource()

New Methods:
    * EC2:
        * describe_addresses_attributes()

    * Rekognition:
        * detect_custom_labels()

    * Sagemaker:
        * update_trial_component()

Miscellaneous:
    * CloudFront: update_distribution() now supports the CacheBehaviours-parameter
    * DynamoDB: query() now acts correctly when paginating GSI tables without range keys
    * EC2: RouteTables can now have multiple propagations
    * EC2: describe_instances() now now filter by product-code and product-code.type
    * EC2: describe_security_group_rules() now validates the format of the incoming security group id's
    * ECS: update_service() now supports the loadBalancers-parameter
    * Logs: describe_metric_filter() now has the correct validation for metricNamespaces
    * IOT: search_index() now supports thingTypeName
    * SFN: send_task_failure()/send_task_success() now work correctly when using the Parser
    * SNS: subscribe() now throws an exception if the endpoint doesn't exist
    * SQS: Improved queue name validation

v5.0.5

Compare Source

Docker Digest for 5.0.5: sha256:b95cf0d65557475f29e7256938028eef352e23acafe8e07c071cd58b67c44708

General:
    * DynamoDB: scan() now returns items in a alphabetical order

New Methods:
    * SecretsManager:
        * batch_get_secret_value()

Miscellaneous:
    * ApplicationAutoscaling: put_scaling_policy() now generates CW alarms for DynamoDB and ECS
    * DynamoDB: Fix pagination for scan()/query()
    * DynamoDB: batch_write_item() now validates for duplicate DELETE or PUT requests
    * Events: put_events() now validates that input-values cannot be empty
    * IOT: create_topic_rule() now validates name-format
    * ResourceGroupsTaggingAPI: tag_resources() now supports RDS snapshots
    * SFN: Fixed a bug where the executionInput was double encoded

v5.0.4

Compare Source

Docker Digest for 5.0.4: sha256:e13e917e563bd1e3bb745b0ce914bdcc3bd4577542e13e1468eac5078774b2aa

General:
    * Lambda: The results of a Dockerless invocation can now be configured.
      See http://docs.getmoto.org/en/latest/docs/services/lambda.html

    * StepFunctions can now execute the provided StepFunctionMachine (opt-in), instead of returning static data (still the default).
      See http://docs.getmoto.org/en/latest/docs/services/stepfunctions.html

New Service:
    * ElastiCache:
        * list_tags_for_resource()

    * ResilienceHub:
        * create_app()
        * create_app_version_app_component()
        * create_app_version_resource()
        * create_resiliency_policy()
        * describe_app()
        * describe_resiliency_policy()
        * import_resources_to_draft_app_version()
        * list_app_assessments()
        * list_app_version_app_components()
        * list_app_version_resources()
        * list_app_versions()
        * list_apps()
        * list_resiliency_policies()
        * list_tags_for_resource()
        * publish_app_version()
        * tag_resource()
        * untag_resource()

    * Workspaces:
        * create_tags()
        * create_workspace_image()
        * create_workspaces()
        * deregister_workspace_directory()
        * describe_client_properties()
        * describe_tags()
        * describe_workspace_directories()
        * describe_workspace_image_permissions()
        * describe_workspace_images()
        * describe_workspaces()
        * modify_client_properties()
        * modify_selfservice_permissions()
        * modify_workspace_creation_properties()
        * register_workspace_directory()
        * update_workspace_image_permission()

Miscellaneous:
    * APIGateway: update_usage_plan() now supports some remove-operations
    * Autoscaling: describe_auto_scaling_groups() now returns a dynamic CreatedTime
    * CloudFormation: Outputs now support Conditions
    * CloudFormation: Outputs now return Descriptions
    * CognitoIDP: admin_update_user_attributes() and admin_delete_user_attributes now correctly update the UserLastModifiedDate
    * DynamoDB: query() no longer requires the LastEvaluatedKey to exist
    * EC2: describe_vpc_endpoint_services() now supports all services
    * Kinesis: list_streams() now returns StreamSummaries
    * Lambda: get_policy() now throws an error when no statements exist
    * ResourceGroupsTaggingAPI now supports DynamoDB tables
    * ResourceGroupsTaggingAPI now supports SSM documents
    * S3: EventBridge notifications are now supported for ObjectRestore:Post
    * S3: restore_object() now contains limited validation when supplying both Days- and Type-argument
    * S3: select_object_content() now supports Compressed requests and CSV responses
    * SecretsManager: list_secrets() now handles negative matches correctly
    * SNS: delete_endpoint() is now an idempotent operation, just like AWS

v5.0.3

Compare Source

Docker Digest for 5.0.3: sha256:032d8ead42f289d9700e9bc844c6d264575ad11b3f6c22cc76d65ff638c8c7bd

General:
    * New configuration options for:
      - Passing URL's through the proxy
      - Configuring DOcker-less services in ServerMode
      See http://docs.getmoto.org/en/latest/docs/configuration/index.html

New Services:
    * Route53Domains:
        * delete_domain()
        * list_domains()
        * list_operations()
        * register_domain()
        * update_domain_nameservers()

New Methods:
    * CostExplorer:
        * get_cost_and_usage()

    * ECR:
        * get_registry_scanning_configuration()

Miscellaneous:
    * ApiGateway: update_usage_plan() now supports adding apiStages
    * Athena: get_query_execution() now returns exact OutputLocation file
    * Autoscaling: describe_auto_scaling_groups() now supports the filters-argument
    * CloudFront: create_distribution() now supports CustomHeaders
    * CloudFront: update_distribution() now handles updates to DistributionConfig correctly
    * CloudFormation - Now supports creation and deletion of AWS::EMR::Cluster
    * CloudFormation - Now supports creation and deletion of AWS::EMR::SecurityConfiguration
    * CloudFormation - Now supports creation and deletion of AWS::EFS::AccessPoint
    * CloudFormation - Now supports creation and deletion of AWS::EFS::FileSystem
    * CloudFormation - Now supports creation and deletion of AWS::EMR::InstanceGroupConfig
    * CloudFormation - Now supports deletion of AWS::Logs::LogGroup
    * CloudFormation: delete_stack() now handles resource dependencies better
    * CloudWatch: put_metric_data() now supports large (compressed) requests
    * CognitoIDP: admin_initiate_auth() and respond_to_auth_challenge() now support SMS_MFA
    * DynamoDB: transact_write_items() now raises ValidationException when putting and deleting the same item
    * EC2: authorize_security_group_egress/_ingress now support the TagSpecifications-argument
    * EC2: describe_security_group_rules() now supports Tag-filters
    * S3: EventBridge notifications are now supported for ObjectCreated:POST/COPY/MULTIPART_UPLOAD and ObjectDeleted
    * SNS: subscribe() now adds support the `$or`, `equals-ignore-case` and `suffix` features in a FilterPolicy 
    * SQS: send_message() should respect DelaySeconds of 0

v5.0.2

Compare Source

Docker Digest for 5.0.2: sha256:89cc6c764d714bf76e592a61f0c06fd142f672085e1dd3a53eb734aaeb4e14e2

General:
    * Removed the `python-jose` and `sshpubkeys` dependencies in favor of `joserfc`. This removes a transitive dependency on `ecdsa`, which contains a open security vulnerability

New Methods:
    * Autoscaling:
        * batch_put_scheduled_update_group_action()
        * batch_delete_scheduled_action()

    * RDS:
        * create_db_proxy()
        * describe_db_proxies()

Miscellaneous:
    * AWSLambda: The ImageConfig.EntryPoint of a function is now used when invoking it in a Docker container
    * CognitoIDP now allows public actions even if IAM auth is enabled
    * DynamoDB: create_table() now validates the number of KeySchema-items
    * EC2: modify_image_attributes() now supports all LaunchPermissions
    * ECS: register_task_definition() now has improved validation around `memory`-parameters
    * Glue: create_database() now supports the `tags`-parameter
    * IAM: assume_user()/create_user()/get_caller_identity() now return the correct partition for China (aws-cn) when called from a Chinese region
    * ResourceGroupsTagging: get_resources() now supports ELB resources
    * Route53: list_hosted_zones() now supports pagination
    * S3: put_bucket_notification_configuration() now supports EventBridge-notifications
    * SES now returns errors in the correct format

v5.0.1

Compare Source

Docker Digest for 5.0.1: sha256:b6004b2e112c0ba870b2103049548abecec476edeac7a724ed9c71249358e821

New Methods:
    * SecretsManager:
        * remove_regions_from_replication()
        * replicate_secret_to_regions()

Miscellaneous:
    * AWSLambda: create_event_source_mapping() now supports Kinesis streams as targets
    * CloudFront: Removed error handling for InvalidOriginServer, as our validation was too strict
    * DynamoDB: batch_execute_statement() now supports for Update/Insert/Delete-statements
    * DynamoDB: query() now correctly handles calls where both Limit and ScanIndexForward are supplied
    * EC2: Now supports availability zones for eu-central-2 (Zurich)
    * S3: list_objects_v2() can now return more then 1000 results max (again)
    * S3: copy_object() now allows in-place copies when bucket versioning is enabled
    * SecretsManager: create_secrets() now supports the parameters AddReplicaRegions and ForceOverwriteReplicaSecret
    * SecretsManager: list_secrets() now supports the filters primary-region and owning-service

v5.0.0

Compare Source

Docker Digest for 5.0.0: sha256:2faf2460a6446dfe472ac0d799e00341b1c84203d08540c247a6cc09be7c54e9

General:
    * All decorators have been replaced with a single decorator:
      `mock_aws`

    * The `mock_batch_simple` and `mock_lambda_simple` decorators can now be configured using the `config`-parameter:
      `@mock_aws(config={"batch": {"use_docker": False}, "lambda": {"use_docker": False}})`

    * It is now possible to configure methods/services which should reach out to AWS.
      @​mock_aws(
          config={"core": {"mock_credentials": False, "passthrough": {"urls": [], "services": []}}}
      )

    * All requests now return a RequestId

Miscellaneous:

    * IAM: The AWS managed Policies are no longer loaded by default.
      If your application depends on these policies, tell Moto explicitly to load them like so:

      @​mock_aws(config={"iam": {"load_aws_managed_policies": True}})

      Or by setting an environment variable:
      MOTO_IAM_LOAD_MANAGED_POLICIES=true

    * S3: list_objects() now returns a hashed ContinuationToken

v4.2.14

Compare Source

Docker Digest for 4.2.14: sha256:2fa10aa48e32f85c63c62a7d437b8a4b320a56a8494bc25d45ced370bc159c23

New Services:
    * Backup:
        * create_backup_plan()
        * create_backup_vault()
        * get_backup_plan()
        * describe_backup_vault()
        * delete_backup_plan()
        * list_backup_plans()
        * list_backup_vaults()
        * list_tags()
        * tag_resource()
        * untag_resource()

New Methods:
    * RDS:
        * describe_db_cluster_snapshot_attributes()
        * describe_db_snapshot_attributes()
        * modify_db_cluster_snapshot_attribute()
        * modify_db_snapshot_attribute()
        * restore_db_instance_to_point_in_time()

    * SageMaker:
        * create_feature_group()

    * SageMakerRuntime:
        * invoke_endpoint_async()

Miscellaneous:
    * Cognito: The ID-token now contains custom attributes
    * DynamoDB: query() now returns the correct ScannedCount
    * EC2: Security Group Rules now have tag support 
    * LakeFormation: grant_permissions() now has better support for known principal-resource pairs
    * SNS: set_subscription_attributes() can now unset the FilterPolicy

v4.2.13

Compare Source

Docker Digest for 4.2.13: sha256:20a2fdd4828b0ce1170ae26186ed28b64523cf6af83af892a74d9b3e23f84471

New Services:
    * Panorama:
        * delete_device()
        * describe_device()
        * list_devices()
        * provision_device()
        * update_device_metadata()

New Methods:
    * CognitoIDP:
        * admin_respond_to_auth_challenge()

    * IdentityStore:
        *  list_group_memberships_for_member()

    * Rekognition:
        * compare_faces()
        * detect_labels()
        * detect_text()

    * SSO-Admin:
        * attach_customer_managed_policy_reference_to_permission_set()
        * attach_managed_policy_to_permission_set()
        * delete_inline_policy_from_permission_set()
        * detach_customer_managed_policy_reference_from_permission_set()
        * detach_managed_policy_from_permission_set()
        * get_inline_policy_for_permission_set()
        * list_account_assignments_for_principal()
        * list_customer_managed_policy_references_in_permission_set()
        * list_managed_policies_in_permission_set()
        * put_inline_policy_to_permission_set()

    * Textract:
        * detect_document_text()

Miscellaneous:
    * ACM: describe_certificate() now returns a DomainValidationOption for each SN
    * CloudFormation: create_change_set() now longer throws an exception when supplying a YAML TemplateBody
    * CognitoIDP: create_resource_server() no longer crashes when the scope-parameter is not provided
    * DynamoDB: scan() now correctly handles the ScanFilter-attribute again (broken in 4.2.11)
    * EC2: launch templates created by CloudFormation now have a generated name if not provided
    * EC2: describe_instance_types() now handles unknown values for EnaSupport correctly
    * Sagemaker: create_model_package() nown supports Versioned packages
    * Scheduler: delete_scheduler() now throws the correct exception when a Schedule does not exist
    * SSO-Admin: list_account_assignments() now supports pagination

v4.2.12

Compare Source

Miscellaneous:
* AWSLambda: list_functions() now returns a default PackageType (ZIP) if not specified
* CloudFormation: AWS::EC2::LaunchTemplate resources now support Fn::GetAtt operations
* CognitoIDP: admin_initiate_auth() now correctly returns a Challenge when 2FA is enabled
* DynamoDB: execute_statement() now supports INSERT/UPDATE/DELETE queries
* EC2: describe_availability_zones() now supports the ZoneNames/ZoneIds-parameters
* KMS: encrypt() now validates payloads that are too large
* ResourceGroupTaggingAPI: get_resources() now supports SQS queues
* Route53: list_hosted_zone()/list_hosted_zones_by_name() now return the CallerReference
* S3: copy() now respects the ExtraArgs-parameter when using MultiPart uploads
* S3: list_object_versions() now supports pagination
* S3: put_object_tagging() now validates the number of tags provided

v4.2.11

Compare Source

Docker Digest for 4.2.11: sha256:f2a24d8a3440bf397705e461b33a032bbb6d3511cd9c643e71419dd962b3384e

New Methods:
    * Lambda:
        * DeleteFunctionEventInvokeConfig()
        * GetFunctionEventInvokeConfig()
        * ListFunctionEventInvokeConfigs()
        * PutFunctionEventInvokeConfig()
        * UpdateFunctionEventInvokeConfig()

    * Logs:
        * describe_export_tasks()

Miscellaneous:
    * DynamoDB: put_item() now returns old item for ConditionalCheckFailed exceptions
    * DynamoDB: scan() now returns 

---

Configuration

📅 Schedule: Branch creation - "* * * * 0,6" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.