AWS Security ChangesHomeSearch

AWS cdk documentation change

Service: cdk · 2026-03-13 · Documentation medium

File: cdk/v2/guide/aspects.md

Summary

Added comparative analysis between Aspects and Mixins with usage guidance

Security assessment

Explicitly mentions using Aspects for security requirements validation ('validate that all resources in a stack meet your organization's security requirements'), documenting security-related application of CDK features

Diff

diff --git a/cdk/v2/guide/aspects.md b/cdk/v2/guide/aspects.md
index 9654e29f9..d7ba82f87 100644
--- a//cdk/v2/guide/aspects.md
+++ b//cdk/v2/guide/aspects.md
@@ -5 +5 @@
-Aspects in detailExample
+Aspects vs. MixinsAspects in detailExample
@@ -54,0 +55,15 @@ The AWS CDK uses aspects to [tag resources](./tagging.html), but the framework c
+## Aspects vs. Mixins
+
+Aspects and [Mixins](./mixins.html) both modify constructs, but they differ in when and how they are applied:
+
+Feature | Aspects | Mixins  
+---|---|---  
+**When applied** |  During synthesis, after all other code has run. |  Immediately when `.with()` is called.  
+**Scope** |  All constructs in a given scope, including constructs added later. |  Only the constructs you explicitly apply them to.  
+**Style** |  Declarative — you set a rule and the CDK applies it. |  Imperative — you choose what to apply and where.  
+**Best for** |  Validation, compliance, tagging, broad policies. |  Adding specific features to individual resources.  
+  
+Use Aspects when you want to enforce rules across your entire application or validate that constructs meet certain criteria. Use Mixins when you want to add a specific feature to a specific construct.
+
+Aspects and Mixins can be used together. For example, you might use Mixins to configure individual resources and Aspects to validate that all resources in a stack meet your organization’s security requirements.
+