Merge branch 'develop' into improv/event-source-return-type

Author: robmoss2k

.github/workflows/codeql-analysis.yml

@@ -28,7 +28,7 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633  # v4.1.2
+        uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f  # v4.1.3
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL

.github/workflows/dependency-review.yml

@@ -17,6 +17,6 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: 'Checkout Repository'
-        uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
+        uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
       - name: 'Dependency Review'
         uses: actions/dependency-review-action@5bbc3ba658137598168acb2ab73b21c432dd411b # v4.2.5

.github/workflows/label_pr_on_title.yml

@@ -50,7 +50,7 @@ jobs:
       pull-requests: write  # label respective PR
     steps:
       - name: Checkout repository
-        uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633  # v4.1.2
+        uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f  # v4.1.3
       - name: "Label PR based on title"
         uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
         env:

.github/workflows/on_label_added.yml

@@ -47,7 +47,7 @@ jobs:
     permissions:
       pull-requests: write  # comment on PR
     steps:
-      - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633  # v4.1.2
+      - uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f  # v4.1.3
       # Maintenance: Persist state per PR as an artifact to avoid spam on label add
       - name: "Suggest split large Pull Request"
         uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1

.github/workflows/on_merged_pr.yml

@@ -49,7 +49,7 @@ jobs:
       issues: write         # label issue with pending-release
     if: needs.get_pr_details.outputs.prIsMerged == 'true'
     steps:
-      - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633  # v4.1.2
+      - uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f  # v4.1.3
       - name: "Label PR related issue for release"
         uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
         env:

.github/workflows/on_opened_pr.yml

@@ -47,7 +47,7 @@ jobs:
     needs: get_pr_details
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633  # v4.1.2
+      - uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f  # v4.1.3
       - name: "Ensure related issue is present"
         uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
         env:
@@ -66,7 +66,7 @@ jobs:
     permissions:
       pull-requests: write  # label and comment on PR if missing acknowledge section (requirement)
     steps:
-      - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633  # v4.1.2
+      - uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f  # v4.1.3
       - name: "Ensure acknowledgement section is present"
         uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
         env:

.github/workflows/on_schedule_monthly_roadmap_reminder.yml

@@ -16,5 +16,3 @@ jobs:
         uses: aws-powertools/actions/.github/workflows/monthly_roadmap_reminder.yml@fd4575466e5c2ac10703ac16f5aa9fb8890f532a
         with:
             token: ${{ github.token }}
-
-

.github/workflows/ossf_scorecard.yml

@@ -22,7 +22,7 @@ jobs:
 
     steps:
       - name: "Checkout code"
-        uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
+        uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
         with:
           persist-credentials: false
 
@@ -35,7 +35,7 @@ jobs:
           repo_token: ${{ secrets.SCORECARD_TOKEN }}  # read-only fine-grained token to read branch protection settings
 
       - name: "Upload results"
-        uses: actions/upload-artifact@1746f4ab65b179e0ea60a494b83293b640dd5bba # v4.3.2
+        uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
         with:
           name: SARIF file
           path: results.sarif

.github/workflows/publish_v2_layer.yml

@@ -88,7 +88,7 @@ jobs:
         working-directory: ./layer
     steps:
       - name: checkout
-        uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633  # v4.1.2
+        uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f  # v4.1.3
         with:
           ref: ${{ env.RELEASE_COMMIT }}
 
@@ -146,7 +146,7 @@ jobs:
       - name: zip output
         run: zip -r cdk.out.zip cdk.out
       - name: Archive CDK artifacts
-        uses: actions/upload-artifact@1746f4ab65b179e0ea60a494b83293b640dd5bba # v4.3.2
+        uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
         with:
           name: cdk-layer-artefact
           path: layer/cdk.out.zip
@@ -247,7 +247,7 @@ jobs:
       pages: none
     steps:
       - name: Checkout repository # reusable workflows start clean, so we need to checkout again
-        uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633  # v4.1.2
+        uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f  # v4.1.3
         with:
           ref: ${{ env.RELEASE_COMMIT }}
 
@@ -258,7 +258,7 @@ jobs:
           artifact_name: ${{ inputs.source_code_artifact_name }}
 
       - name: Download CDK layer artifacts
-        uses: actions/download-artifact@8caf195ad4b1dee92908e23f56eeb0696f1dd42d # v4.1.5
+        uses: actions/download-artifact@9c19ed7fe5d278cd354c7dfd5d3b88589c7e2395 # v4.1.6
         with:
           path: cdk-layer-stack
           pattern: cdk-layer-stack-*  # merge all Layer artifacts created per region earlier (reusable_deploy_v2_layer_stack.yml; step "Save Layer ARN artifact")

.github/workflows/quality_check.yml

@@ -50,7 +50,7 @@ jobs:
     permissions:
       contents: read  # checkout code only
     steps:
-      - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633  # v4.1.2
+      - uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f  # v4.1.3
       - name: Install poetry
         run: pipx install poetry
       - name: Set up Python ${{ matrix.python-version }}

.github/workflows/quality_check_pydanticv2.yml

@@ -49,7 +49,7 @@ jobs:
     permissions:
       contents: read # checkout code only
     steps:
-      - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
+      - uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
       - name: Install poetry
         run: pipx install poetry
       - name: Set up Python ${{ matrix.python-version }}

.github/workflows/record_pr.yml

@@ -46,14 +46,14 @@ jobs:
     permissions:
       contents: read  # NOTE: treat as untrusted location
     steps:
-      - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633  # v4.1.2
+      - uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f  # v4.1.3
       - name: "Extract PR details"
         uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
         with:
           script: |
             const script = require('.github/scripts/save_pr_details.js')
             await script({github, context, core})
-      - uses: actions/upload-artifact@1746f4ab65b179e0ea60a494b83293b640dd5bba # v4.3.2
+      - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
         with:
           name: pr
           path: pr.txt

.github/workflows/release.yml

@@ -80,7 +80,7 @@ jobs:
           RELEASE_VERSION="${RELEASE_TAG_VERSION:1}"
           echo "RELEASE_VERSION=${RELEASE_VERSION}" >> "$GITHUB_OUTPUT"
 
-      - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633  # v4.1.2
+      - uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f  # v4.1.3
         with:
           ref: ${{ env.RELEASE_COMMIT }}
 
@@ -115,7 +115,7 @@ jobs:
       contents: read
     steps:
       # NOTE: we need actions/checkout to configure git first (pre-commit hooks in make dev)
-      - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633  # v4.1.2
+      - uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f  # v4.1.3
         with:
           ref: ${{ env.RELEASE_COMMIT }}
 
@@ -156,7 +156,7 @@ jobs:
       attestation_hashes: ${{ steps.encoded_hash.outputs.attestation_hashes }}
     steps:
       # NOTE: we need actions/checkout to configure git first (pre-commit hooks in make dev)
-      - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633  # v4.1.2
+      - uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f  # v4.1.3
         with:
           ref: ${{ env.RELEASE_COMMIT }}
 
@@ -225,7 +225,7 @@ jobs:
       RELEASE_VERSION: ${{ needs.seal.outputs.RELEASE_VERSION }}
     steps:
       # NOTE: we need actions/checkout in order to use our local actions (e.g., ./.github/actions)
-      - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633  # v4.1.2
+      - uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f  # v4.1.3
         with:
           ref: ${{ env.RELEASE_COMMIT }}
 
@@ -259,7 +259,7 @@ jobs:
       contents: write
     steps:
       # NOTE: we need actions/checkout to authenticate and configure git first
-      - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633  # v4.1.2
+      - uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f  # v4.1.3
         with:
           ref: ${{ env.RELEASE_COMMIT }}
 
@@ -303,7 +303,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       # NOTE: we need actions/checkout to authenticate and configure git first
-      - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633  # v4.1.2
+      - uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f  # v4.1.3
         with:
           ref: ${{ env.RELEASE_COMMIT }}
 
@@ -357,7 +357,7 @@ jobs:
     env:
       RELEASE_VERSION: ${{ needs.seal.outputs.RELEASE_VERSION }}
     steps:
-      - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633  # v4.1.2
+      - uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f  # v4.1.3
         with:
           ref: ${{ env.RELEASE_COMMIT }}
 

.github/workflows/reusable_deploy_v2_layer_stack.yml

@@ -140,7 +140,7 @@ jobs:
             has_arm64_support: "true"
     steps:
       - name: checkout
-        uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633  # v4.1.2
+        uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f  # v4.1.3
         with:
           ref: ${{ env.RELEASE_COMMIT }}
 
@@ -180,7 +180,7 @@ jobs:
       - name: install deps
         run: poetry install
       - name: Download artifact
-        uses: actions/download-artifact@8caf195ad4b1dee92908e23f56eeb0696f1dd42d # v4.1.5
+        uses: actions/download-artifact@9c19ed7fe5d278cd354c7dfd5d3b88589c7e2395 # v4.1.6
         with:
           name: ${{ inputs.artefact-name }}
           path: layer
@@ -197,7 +197,7 @@ jobs:
           cat cdk-layer-stack/${{ matrix.region }}-layer-version.txt
       - name: Save Layer ARN artifact
         if: ${{ inputs.stage == 'PROD' }}
-        uses: actions/upload-artifact@1746f4ab65b179e0ea60a494b83293b640dd5bba # v4.3.2
+        uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
         with:
           name: cdk-layer-stack-${{ matrix.region }}
           path: ./layer/cdk-layer-stack/* # NOTE: upload-artifact does not inherit working-directory setting.

.github/workflows/reusable_deploy_v2_sar.yml

@@ -79,7 +79,7 @@ jobs:
         architecture: ["x86_64", "arm64"]
     steps:
       - name: checkout
-        uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633  # v4.1.2
+        uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f  # v4.1.3
         with:
           ref: ${{ env.RELEASE_COMMIT }}
 
@@ -115,7 +115,7 @@ jobs:
         with:
           node-version: ${{ env.NODE_VERSION }}
       - name: Download artifact
-        uses: actions/download-artifact@8caf195ad4b1dee92908e23f56eeb0696f1dd42d # v4.1.5
+        uses: actions/download-artifact@9c19ed7fe5d278cd354c7dfd5d3b88589c7e2395 # v4.1.6
         with:
           name: ${{ inputs.artefact-name }}
       - name: Unzip artefact

.github/workflows/reusable_export_pr_details.yml

@@ -76,7 +76,7 @@ jobs:
       prLabels: ${{ steps.prLabels.outputs.prLabels }}
     steps:
       - name: Checkout repository # in case caller workflow doesn't checkout thus failing with file not found
-        uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633  # v4.1.2
+        uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f  # v4.1.3
       - name: "Download previously saved PR"
         uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
         env:

.github/workflows/reusable_publish_changelog.yml

@@ -26,7 +26,7 @@ jobs:
       pull-requests: write  # create PR
     steps:
       - name: Checkout repository # reusable workflows start clean, so we need to checkout again
-        uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633  # v4.1.2
+        uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f  # v4.1.3
         with:
           fetch-depth: 0
       - name: "Generate latest changelog"

.github/workflows/reusable_publish_docs.yml

@@ -44,7 +44,7 @@ jobs:
       id-token: write  # trade JWT token for AWS credentials in AWS Docs account
       pages: write     # uncomment if mike fails as we migrated to S3 hosting
     steps:
-      - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633  # v4.1.2
+      - uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f  # v4.1.3
         with:
           fetch-depth: 0
           ref: ${{ inputs.git_ref }}

.github/workflows/run-e2e-tests.yml

@@ -51,7 +51,7 @@ jobs:
     if: ${{ github.actor != 'dependabot[bot]' && github.repository == 'aws-powertools/powertools-lambda-python' }}
     steps:
       - name: "Checkout"
-        uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633  # v4.1.2
+        uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f  # v4.1.3
       - name: Install poetry
         run: pipx install poetry
       - name: "Use Python"

.github/workflows/secure_workflows.yml

@@ -30,7 +30,7 @@ jobs:
       contents: read  # checkout code and subsequently GitHub action workflows
     steps:
       - name: Checkout code
-        uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633  # v4.1.2
+        uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f  # v4.1.3
       - name: Ensure 3rd party workflows have SHA pinned
         uses: zgosalvez/github-actions-ensure-sha-pinned-actions@19ebcb0babbd282ae1822a0b9c28f3f1f25cea45 # v3.0.4
         with:

CHANGELOG.md

@@ -10,6 +10,15 @@
 
 ## Maintenance
 
+* **deps:** bump actions/upload-artifact from 4.3.1 to 4.3.2 ([#4162](https://github.com/aws-powertools/powertools-lambda-python/issues/4162))
+* **deps:** bump actions/checkout from 4.1.2 to 4.1.3 ([#4168](https://github.com/aws-powertools/powertools-lambda-python/issues/4168))
+* **deps:** bump actions/download-artifact from 4.1.4 to 4.1.5 ([#4161](https://github.com/aws-powertools/powertools-lambda-python/issues/4161))
+* **deps-dev:** bump ruff from 0.3.7 to 0.4.1 ([#4166](https://github.com/aws-powertools/powertools-lambda-python/issues/4166))
+* **deps-dev:** bump aws-cdk from 2.137.0 to 2.138.0 ([#4157](https://github.com/aws-powertools/powertools-lambda-python/issues/4157))
+* **deps-dev:** bump aws-cdk-lib from 2.137.0 to 2.138.0 ([#4160](https://github.com/aws-powertools/powertools-lambda-python/issues/4160))
+* **deps-dev:** bump cdklabs-generative-ai-cdk-constructs from 0.1.119 to 0.1.121 ([#4167](https://github.com/aws-powertools/powertools-lambda-python/issues/4167))
+* **deps-dev:** bump aws-cdk-aws-lambda-python-alpha from 2.137.0a0 to 2.138.0a0 ([#4169](https://github.com/aws-powertools/powertools-lambda-python/issues/4169))
+* **deps-dev:** bump cdklabs-generative-ai-cdk-constructs from 0.1.121 to 0.1.123 ([#4176](https://github.com/aws-powertools/powertools-lambda-python/issues/4176))
 
 
 <a name="v2.37.0"></a>

aws_lambda_powertools/utilities/parser/parser.py

@@ -83,16 +83,17 @@ def handler(event: Order, context: LambdaContext):
         When envelope given does not implement BaseEnvelope
     """
 
-    # The first parameter of a Lambda function is always the event
-    # This line get the model informed in the event_parser function
-    # or the first parameter of the function by using typing.get_type_hints
-    type_hints = typing.get_type_hints(handler)
-    model = model or (list(type_hints.values())[0] if type_hints else None)
     if model is None:
-        raise InvalidModelTypeError(
-            "The model must be provided either as the `model` argument to `event_parser`"
-            "or as the type hint of `event` in the handler that it wraps",
-        )
+        # The first parameter of a Lambda function is always the event.
+        # Get the first parameter's type by using typing.get_type_hints.
+        type_hints = typing.get_type_hints(handler)
+        if type_hints:
+            model = list(type_hints.values())[0]
+        if model is None:
+            raise InvalidModelTypeError(
+                "The model must be provided either as the `model` argument to `event_parser`"
+                "or as the type hint of `event` in the handler that it wraps",
+            )
 
     if envelope:
         parsed_event = parse(event=event, model=model, envelope=envelope)

docs/roadmap.md

@@ -1,6 +1,5 @@
-<!-- markdownlint-disable MD043 -->
-
-## Overview
+<!-- markdownlint-disable MD043 MD041 -->
+# Overview
 
 Our public roadmap outlines the high level direction we are working towards. We update this document when our priorities change: security and stability are our top priority.
 
@@ -10,42 +9,60 @@ Our public roadmap outlines the high level direction we are working towards. We
 
 Security and operational excellence take precedence above all else. This means bug fixing, stability, customer's support, and internal compliance may delay one or more key areas below.
 
-### Amazon Bedrock Agent Event Handler
+**Missing something or want us to prioritize an existing area?**
 
-Based on [customers](https://github.com/aws-powertools/powertools-lambda-python#connect){target="_blank"} at re:Invent 2023, we will add a new Event Handler resolver to improve authoring and maintenance of Amazon Bedrock Agents.
+You can help us prioritize by [upvoting existing feature requests](https://github.com/aws-powertools/powertools-lambda-python/issues?q=is%3Aissue+is%3Aopen+sort%3Aupdated-desc+label%3Afeature-request), leaving a comment on what use cases it could unblock for you, and by joining our discussions on Discord.
+
+### Observability providers
+
+We want to extend Tracer, Metrics, and Logger to support any [AWS Lambda certified observability partner](https://go.aws/3HtU6CZ){target="_blank"}, along with OpenTelemetry.
+
+At launch, we will support Datadog since it's [most requested observability provider](https://github.com/aws-powertools/powertools-lambda-python/issues/1433). OpenTelemetry will be a fast follow-up as we need to decide on a stable solution to cold start penalty.
+
+!!! tip "Help us identify which observability providers we should integrate next. Open [feature request](https://github.com/aws-powertools/powertools-lambda-python/issues/new?assignees=&labels=feature-request%2Ctriage&projects=&template=feature_request.yml&title=Feature+request%3A+TITLE){target="_blank"} or by voting `+1` in existing issues"
 
 **Major updates**
 
-* [x] [Event Source Data Classes support](https://github.com/aws-powertools/powertools-lambda-python/pull/3262)
-* [x] [Pydantic model _(Parser)_ support](https://github.com/aws-powertools/powertools-lambda-python/pull/3286)
-* [x] [MVP Event Handler](https://github.com/aws-powertools/powertools-lambda-python/pull/3285)
-* [ ] [New feature documentation](https://github.com/aws-powertools/powertools-lambda-python/pull/3602)
-* [ ] Video to walkthrough use cases for anyone new to LLM Agents
-* [ ] Launch amplifier (_e.g., What's New, Blog post_)
+* [x] [Document how customers can use any provider with Logger](https://docs.powertools.aws.dev/lambda/python/latest/core/logger/#observability-providers)
+* [x] [Extend Metrics to add support for any Provider](https://github.com/aws-powertools/powertools-lambda-python/pull/2194)
+* [ ] [Extend Tracer to add support for any Provider](https://github.com/aws-powertools/powertools-lambda-python/pull/2342#issuecomment-2061734362)
+* [ ] Investigate alternative solution to OpenTelemetry cold start performance
 
-### Setting Parameters and Secrets
+### Lambda Layer in GovCloud
 
-As of today, the [Parameters](./utilities/parameters.md){target="_blank"} feature is used to retrieve data, not to create or update existing parameters. Based on community feedback, we plan to enhance Parameters to allow set operations.
+We want to investigate security and scaling requirements for these special regions, so they're in sync for every release.
+
+!!! note "Help us prioritize it by reaching out to your AWS representatives or [via email](mailto:aws-powertools-maintainers@amazon.com)."
 
 **Major updates**
 
-* [x] [RFC](https://github.com/aws-powertools/powertools-lambda-python/issues/3040)
-* [ ] [MVP](https://github.com/aws-powertools/powertools-lambda-python/pull/2858)
+* [x] Gather agencies and customers name to prioritize it
+* [x] Investigate security requirements for special regions
+* [x] Create additional infrastructure for special regions
+* [x] AppSec review
+* [x] Update CDK Layer construct to include regions
+* [x] Distribution sign-off
+* [ ] Distribute latest version
+* [ ] Update Layer section with new AWS Accounts
 
-### Observability providers
+### V3
 
-We want to extend Tracer, Metrics, and Logger to support any [AWS Lambda certified observability partner](https://go.aws/3HtU6CZ){target="_blank"}, along with OpenTelemetry.
+We are in the process of planning the roadmap for v3. As always, [our approach](./versioning.md){target="_blank"} includes providing sufficient advance notice, a comprehensive upgrade guide, and minimizing breaking changes to facilitate a smooth transition (e.g., it took ~7 months from v2 to surpass v1 downloads).
 
-At launch, we will support Datadog since it's [most requested observability provider](https://github.com/aws-powertools/powertools-lambda-python/issues/1433). OpenTelemetry will be a fast follow-up as we need to decide on a stable solution to cold start penalty.
+For example, these are on our mind but not settled yet until we have a public tracker to discuss what these means in detail.
 
-!!! tip "Help us identify which observability providers we should integrate next. Open [feature request](https://github.com/aws-powertools/powertools-lambda-python/issues/new?assignees=&labels=feature-request%2Ctriage&projects=&template=feature_request.yml&title=Feature+request%3A+TITLE){target="_blank"} or by voting `+1` in existing issues"
+* **Parser**: Drop Pydantic v1
+* **Parser**: Deserialize Amazon DynamoDB data types automatically (like Event Source Data Classes)
+* **Parameters**: Increase default `max_age` for `get_secret`
+* **Event Source Data Classes**: Return sane defaults for any property that has `Optional[<type>]` returns
+* **Batch**: Stop at first error for Amazon DynamoDB Streams and Amazon Kinesis Data Streams (e.g., `stop_on_failure=True`)
 
 **Major updates**
 
-* [x] [Document how customers can use any provider with Logger](https://docs.powertools.aws.dev/lambda/python/latest/core/logger/#observability-providers)
-* [x] [Extend Metrics to add support for any Provider](https://github.com/aws-powertools/powertools-lambda-python/pull/2194)
-* [ ] [Extend Tracer to add support for any Provider](https://github.com/aws-powertools/powertools-lambda-python/issues/2030)
-* [ ] Investigate alternative solution to OpenTelemetry cold start performance
+* [ ] Create an issue to track breaking changes we consider making
+* [ ] Create a v3 branch to allow early experimentation
+* [ ] Create workflows to allow pre-releases
+* [ ] Create a mechanism to keep ideas for breaking change somewhere regardless of v3
 
 ### Revamp Event Handler
 
@@ -63,6 +80,17 @@ Based on customers feedback, we want to provide [middleware authoring support](h
 * [x] [MVP for OpenAPI and SwaggerUI](https://github.com/aws-powertools/powertools-lambda-python/pull/3109)
 * [ ] [MVP for AppSync Batch invoke and partial failure support](https://github.com/aws-powertools/powertools-lambda-python/pull/1998)
 
+### Authentication (SigV4)
+
+[During customers interview](https://github.com/aws-powertools/powertools-lambda-python#connect){target="_blank"}, we hear that signing requests using [AWS SigV4](https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-authenticating-requests.html){target="_blank"} could be easier.
+
+Since JWT is a close second, this new utility would cover higher level functions to sign and verify requests more easily.
+
+**Major updates**
+
+* [x] [Issue to outline challenges](https://github.com/aws-powertools/powertools-lambda-python/issues/2493), alternative solutions and desired experience
+* [ ] [MVP for AWS SigV4](https://github.com/aws-powertools/powertools-lambda-python/pull/2435)
+
 ### Office hours
 
 We heard from [customers](https://github.com/aws-powertools/powertools-lambda-python#connect){target="_blank"} that Powertools for AWS Lambda and its community can move faster than they are able to catch up. While documentation and release notes take these into account, they notice they don't always know advanced tricks, or what other customers tend to do in similar situations.
@@ -79,17 +107,6 @@ Timezones being tricky, we plan to experiment with an afternoon slot in Central
     * [ ] Invite Discord community
     * [ ] Update roadmap page with Discord event
 
-### Authentication (SigV4)
-
-[During customers interview](https://github.com/aws-powertools/powertools-lambda-python#connect){target="_blank"}, we hear that signing requests using [AWS SigV4](https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-authenticating-requests.html){target="_blank"} could be easier.
-
-Since JWT is a close second, this new utility would cover higher level functions to sign and verify requests more easily.
-
-**Major updates**
-
-* [ ] RFC to outline challenges, alternative solutions and desired experience
-* [ ] [MVP for AWS SigV4](https://github.com/aws-powertools/powertools-lambda-python/pull/2435)
-
 ### Enhanced operational metrics
 
 [Through customers interview](https://github.com/aws-powertools/powertools-lambda-python#connect){target="_blank"}, [Discord](https://discord.gg/B8zZKbbyET){target="_blank" rel="nofollow"}, and [1:1 customer enablement](https://github.com/aws-powertools/powertools-lambda-python#connect){target="_blank"}, we noticed customers often create the same set of custom operational metrics.
@@ -105,41 +122,6 @@ We want to make this easier by extending certain utilities to accept a `metrics`
 * [ ] RFC to outline metrics for Event Handler (_e.g., validation errors_ )
 * [ ] RFC to outline metrics for Idempotency (_e.g., cache hit_)
 
-### Lambda Layer in GovCloud and China region
-
-We want to investigate security and scaling requirements for these special regions, so they're in sync for every release.
-
-!!! note "Help us prioritize it by reaching out to your AWS representatives or [via email](mailto:aws-powertools-maintainers@amazon.com)."
-
-**Major updates**
-
-* [x] Gather agencies and customers name to prioritize it
-* [x] Investigate security requirements for special regions
-* [x] Create additional infrastructure for special regions
-* [ ] AppSec review
-* [ ] Distribution sign-off
-* [ ] Update CDK Layer construct to include regions
-
-### V3
-
-We are in the process of planning the roadmap for v3. As always, [our approach](./versioning.md){target="_blank"} includes providing sufficient advance notice, a comprehensive upgrade guide, and minimizing breaking changes to facilitate a smooth transition (e.g., it took ~7 months from v2 to surpass v1 downloads).
-
-For example, these are on our mind but not settled yet until we have a public tracker to discuss what these means in detail.
-
-* **Parser**: Drop Pydantic v1
-* **Parser**: Deserialize Amazon DynamoDB data types automatically (like Event Source Data Classes)
-* **Parameters**: Increase default `max_age` for `get_secret`
-* **Event Source Data Classes**: Return sane defaults for any property that has `Optional[<type>]` returns
-* **Upgrade tool**: Consider building a CST (Concrete Syntax Tree) tool to ease certain upgrade actions like `pyupgrade` and `django-upgrade`
-* **Batch**: Stop at first error for Amazon DynamoDB Streams and Amazon Kinesis Data Streams (e.g., `stop_on_failure=True`)
-
-**Major updates**
-
-* [ ] Create an issue to track breaking changes we consider making
-* [ ] Create a v3 branch to allow early experimentation
-* [ ] Create workflows to allow pre-releases
-* [ ] Create a mechanism to keep ideas for breaking change somewhere regardless of v3
-
 ## Roadmap status definition
 
 <center>
@@ -209,6 +191,32 @@ A: For existing features, you can directly comment on issues. For anything else,
 
 ## Launched
 
+### Setting Parameters and Secrets
+
+> [Docs](./utilities/parameters.md#setting-parameters)
+
+As of today, the [Parameters](./utilities/parameters.md){target="_blank"} feature is used to retrieve data, not to create or update existing parameters. Based on community feedback, we plan to enhance Parameters to allow set operations.
+
+**Major updates**
+
+* [x] [RFC](https://github.com/aws-powertools/powertools-lambda-python/issues/3040)
+* [x] [MVP](https://github.com/aws-powertools/powertools-lambda-python/pull/2858)
+
+### Amazon Bedrock Agent Event Handler
+
+> [Docs](./core/event_handler/bedrock_agents.md)
+
+Based on [customers](https://github.com/aws-powertools/powertools-lambda-python#connect){target="_blank"} at re:Invent 2023, we will add a new Event Handler resolver to improve authoring and maintenance of Amazon Bedrock Agents.
+
+**Major updates**
+
+* [x] [Event Source Data Classes support](https://github.com/aws-powertools/powertools-lambda-python/pull/3262)
+* [x] [Pydantic model _(Parser)_ support](https://github.com/aws-powertools/powertools-lambda-python/pull/3286)
+* [x] [MVP Event Handler](https://github.com/aws-powertools/powertools-lambda-python/pull/3285)
+* [x] [New feature documentation](https://github.com/aws-powertools/powertools-lambda-python/pull/3602)
+* [x] [Video to walkthrough](https://docs.powertools.aws.dev/lambda/python/latest/core/event_handler/bedrock_agents/#video-walkthrough) use cases for anyone new to LLM Agents
+* [ ] Launch amplifier (_e.g., What's New, Blog post_)
+
 ### Sensitive Data Masking
 
 > [Docs](./utilities/data_masking.md)

poetry.lock

@@ -69,8 +69,8 @@ aws-cdk-lib = "^2.138.0"
 "aws-cdk.aws-apigatewayv2-alpha" = "^2.38.1-alpha.0"
 "aws-cdk.aws-apigatewayv2-integrations-alpha" = "^2.38.1-alpha.0"
 "aws-cdk.aws-apigatewayv2-authorizers-alpha" = "^2.38.1-alpha.0"
-"aws-cdk.aws-lambda-python-alpha" = "^2.137.0a0"
-"cdklabs.generative-ai-cdk-constructs" = "^0.1.121"
+"aws-cdk.aws-lambda-python-alpha" = "^2.138.0a0"
+"cdklabs.generative-ai-cdk-constructs" = "^0.1.123"
 pytest-benchmark = "^4.0.0"
 mypy-boto3-appconfig = "^1.34.58"
 mypy-boto3-cloudformation = "^1.34.84"
@@ -110,7 +110,7 @@ datadog = ["datadog-lambda"]
 datamasking = ["aws-encryption-sdk", "jsonpath-ng"]
 
 [tool.poetry.group.dev.dependencies]
-cfn-lint = "0.86.3"
+cfn-lint = "0.86.4"
 mypy = "^1.1.1"
 types-python-dateutil = "^2.8.19.6"
 httpx = ">=0.23.3,<0.28.0"