Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

feat: update L1 CloudFormation resource definitions #31361

Merged
merged 2 commits into from
Sep 9, 2024

Conversation

aws-cdk-automation
Copy link
Collaborator

Updates the L1 CloudFormation resource definitions with the latest changes from @aws-cdk/aws-service-spec

L1 CloudFormation resource definition changes:

├[~] service aws-acmpca
│ └ resources
│    └[~] resource AWS::ACMPCA::CertificateAuthority
│      ├ properties
│      │  └ RevocationConfiguration: (documentation changed)
│      └ types
│         ├[~] type CrlConfiguration
│         │ └ properties
│         │    ├[-] CustomPath: string
│         │    ├[-] PartitioningEnabled: boolean
│         │    └[-] RetainExpiredCertificates: boolean
│         └[~] type RevocationConfiguration
│           └  - documentation: Certificate revocation information used by the [CreateCertificateAuthority](https://docs.aws.amazon.com/privateca/latest/APIReference/API_CreateCertificateAuthority.html) and [UpdateCertificateAuthority](https://docs.aws.amazon.com/privateca/latest/APIReference/API_UpdateCertificateAuthority.html) actions. Your private certificate authority (CA) can configure Online Certificate Status Protocol (OCSP) support and/or maintain a certificate revocation list (CRL). OCSP returns validation information about certificates as requested by clients, and a CRL contains an updated list of certificates revoked by your CA. For more information, see [RevokeCertificate](https://docs.aws.amazon.com/privateca/latest/APIReference/API_RevokeCertificate.html) in the *AWS Private CA API Reference* and [Setting up a certificate revocation method](https://docs.aws.amazon.com/privateca/latest/userguide/revocation-setup.html) in the *AWS Private CA User Guide* .
│              > The following requirements apply to revocation configurations.
│              > 
│              > - A configuration disabling CRLs or OCSP must contain only the `Enabled=False` parameter, and will fail if other parameters such as `CustomCname` or `ExpirationInDays` are included.
│              > - In a CRL configuration, the `S3BucketName` parameter must conform to the [Amazon S3 bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html) .
│              > - A configuration containing a custom Canonical Name (CNAME) parameter for CRLs or OCSP must conform to [RFC2396](https://docs.aws.amazon.com/https://www.ietf.org/rfc/rfc2396.txt) restrictions on the use of special characters in a CNAME.
│              > - In a CRL or OCSP configuration, the value of a CNAME parameter must not include a protocol prefix such as "http://" or "https://".
│              + documentation: Certificate revocation information used by the [CreateCertificateAuthority](https://docs.aws.amazon.com/privateca/latest/APIReference/API_CreateCertificateAuthority.html) and [UpdateCertificateAuthority](https://docs.aws.amazon.com/privateca/latest/APIReference/API_UpdateCertificateAuthority.html) actions. Your private certificate authority (CA) can configure Online Certificate Status Protocol (OCSP) support and/or maintain a certificate revocation list (CRL). OCSP returns validation information about certificates as requested by clients, and a CRL contains an updated list of certificates revoked by your CA. For more information, see [RevokeCertificate](https://docs.aws.amazon.com/privateca/latest/APIReference/API_RevokeCertificate.html) in the *AWS Private CA API Reference* and [Setting up a certificate revocation method](https://docs.aws.amazon.com/privateca/latest/userguide/revocation-setup.html) in the *AWS Private CA User Guide* .
│              The following requirements and constraints apply to revocation configurations.
│              - A configuration disabling CRLs or OCSP must contain only the `Enabled=False` parameter, and will fail if other parameters such as `CustomCname` or `ExpirationInDays` are included.
│              - In a CRL configuration, the `S3BucketName` parameter must conform to the [Amazon S3 bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html) .
│              - A configuration containing a custom Canonical Name (CNAME) parameter for CRLs or OCSP must conform to [RFC2396](https://docs.aws.amazon.com/https://www.ietf.org/rfc/rfc2396.txt) restrictions on the use of special characters in a CNAME.
│              - In a CRL or OCSP configuration, the value of a CNAME parameter must not include a protocol prefix such as "http://" or "https://".
│              - To revoke a certificate, delete the resource from your template, and call the AWS Private CA [RevokeCertificate](https://docs.aws.amazon.com/privateca/latest/APIReference/API_RevokeCertificate.html) API and specify the resource's certificate authority ARN.
├[~] service aws-amplify
│ └ resources
│    └[~] resource AWS::Amplify::App
│      ├ properties
│      │  └[+] CacheConfig: CacheConfig
│      └ types
│         └[+] type CacheConfig
│           ├  name: CacheConfig
│           └ properties
│              └Type: string
├[~] service aws-apigatewayv2
│ └ resources
│    └[~] resource AWS::ApiGatewayV2::Integration
│      ├ properties
│      │  └ ResponseParameters: - Map<string, Array<ResponseParameter>> ⇐ json
│      │                        + Map<string, ResponseParameterMap> ⇐ json
│      ├ attributes
│      │  └[+] Id: string
│      └ types
│         ├[~] type ResponseParameter
│         │ ├  - documentation: Supported only for HTTP APIs. You use response parameters to transform the HTTP response from a backend integration before returning the response to clients. Specify a key-value map from a selection key to response parameters. The selection key must be a valid HTTP status code within the range of 200-599. Response parameters are a key-value map. The key must match the pattern `<action>:<header>.<location>` or `overwrite.statuscode` . The action can be `append` , `overwrite` or `remove` . The value can be a static value, or map to response data, stage variables, or context variables that are evaluated at runtime. To learn more, see [Transforming API requests and responses](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-parameter-mapping.html) .
│         │ │  + documentation: response parameter
│         │ └ properties
│         │    ├ Destination: (documentation changed)
│         │    └ Source: (documentation changed)
│         └[+] type ResponseParameterMap
│           ├  documentation: map of response parameter lists
│           │  name: ResponseParameterMap
│           └ properties
│              └ResponseParameters: Array<ResponseParameter>
├[~] service aws-appintegrations
│ └ resources
│    └[~] resource AWS::AppIntegrations::Application
│      └ properties
│         └ Namespace: - string
│                      + string (required)
├[~] service aws-applicationsignals
│ └ resources
│    └[~] resource AWS::ApplicationSignals::ServiceLevelObjective
│      ├ properties
│      │  └[+] RequestBasedSli: RequestBasedSli
│      ├ attributes
│      │  └[+] EvaluationType: string
│      └ types
│         ├[+] type MonitoredRequestCountMetric
│         │ ├  documentation: This structure defines the metric that is used as the "good request" or "bad request" value for a request-based SLO. This value observed for the metric defined in `TotalRequestCountMetric` is divided by the number found for `MonitoredRequestCountMetric` to determine the percentage of successful requests that this SLO tracks.
│         │ │  name: MonitoredRequestCountMetric
│         │ └ properties
│         │    ├GoodCountMetric: Array<MetricDataQuery>
│         │    └BadCountMetric: Array<MetricDataQuery>
│         ├[+] type RequestBasedSli
│         │ ├  documentation: This structure contains information about the performance metric that a request-based SLO monitors.
│         │ │  name: RequestBasedSli
│         │ └ properties
│         │    ├RequestBasedSliMetric: RequestBasedSliMetric (required)
│         │    ├MetricThreshold: number
│         │    └ComparisonOperator: string
│         └[+] type RequestBasedSliMetric
│           ├  documentation: This structure contains the information about the metric that is used for a request-based SLO.
│           │  name: RequestBasedSliMetric
│           └ properties
│              ├KeyAttributes: Map<string, string>
│              ├OperationName: string
│              ├MetricType: string
│              ├TotalRequestCountMetric: Array<MetricDataQuery>
│              └MonitoredRequestCountMetric: MonitoredRequestCountMetric
├[~] service aws-appsync
│ └ resources
│    └[~] resource AWS::AppSync::GraphQLApi
│      └ types
│         └[~] type LogConfig
│           └ properties
│              └ FieldLogLevel: (documentation changed)
├[~] service aws-autoscaling
│ └ resources
│    ├[~] resource AWS::AutoScaling::AutoScalingGroup
│    │ └ properties
│    │    └ HealthCheckType: (documentation changed)
│    └[~] resource AWS::AutoScaling::ScalingPolicy
│      └ types
│         ├[~] type TargetTrackingMetricDataQuery
│         │ └  - documentation: The metric data to return. Also defines whether this call is returning data for one metric only, or whether it is performing a math expression on the values of returned metric statistics to create a new time series. A time series is a series of data points, each of which is associated with a timestamp.
│         │    `TargetTrackingMetricDataQuery` is used with the [AWS::AutoScaling::ScalingPolicy CustomizedMetricSpecification](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-autoscaling-scalingpolicy-customizedmetricspecification.html) property type.
│         │    You can call for a single metric or perform math expressions on multiple metrics. Any expressions used in a metric specification must eventually return a single time series.
│         │    For more information, see the [Create a target tracking scaling policy for Amazon EC2 Auto Scaling using metric math](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-target-tracking-metric-math.html) in the *Amazon EC2 Auto Scaling User Guide* .
│         │    + documentation: The metric data to return. Also defines whether this call is returning data for one metric only, or whether it is performing a math expression on the values of returned metric statistics to create a new time series. A time series is a series of data points, each of which is associated with a timestamp.
│         │    You can use `TargetTrackingMetricDataQuery` structures with a `PutScalingPolicy` operation when you specify a `TargetTrackingConfiguration` in the request.
│         │    You can call for a single metric or perform math expressions on multiple metrics. Any expressions used in a metric specification must eventually return a single time series.
│         │    For more information, see the [Create a target tracking scaling policy for Amazon EC2 Auto Scaling using metric math](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-target-tracking-metric-math.html) in the *Amazon EC2 Auto Scaling User Guide* .
│         └[~] type TargetTrackingMetricStat
│           └  - documentation: `TargetTrackingMetricStat` is a property of the [AWS::AutoScaling::ScalingPolicy TargetTrackingMetricDataQuery](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-autoscaling-scalingpolicy-targettrackingmetricdataquery.html) property type.
│              This structure defines the CloudWatch metric to return, along with the statistic and unit.
│              For more information about the CloudWatch terminology below, see [Amazon CloudWatch concepts](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html) in the *Amazon CloudWatch User Guide* .
│              + documentation: This structure defines the CloudWatch metric to return, along with the statistic and unit.
│              `TargetTrackingMetricStat` is a property of the `TargetTrackingMetricDataQuery` object.
│              For more information about the CloudWatch terminology below, see [Amazon CloudWatch concepts](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html) in the *Amazon CloudWatch User Guide* .
├[~] service aws-backup
│ └ resources
│    └[~] resource AWS::Backup::RestoreTestingPlan
│      └ properties
│         └[+] ScheduleStatus: string
├[~] service aws-batch
│ └ resources
│    └[~] resource AWS::Batch::ComputeEnvironment
│      └ properties
│         └[+] Context: string
├[~] service aws-bedrock
│ └ resources
│    ├[~] resource AWS::Bedrock::Flow
│    │ ├ attributes
│    │ │  └[+] Validations: Array<FlowValidation>
│    │ └ types
│    │    ├[+] type AgentFlowNodeConfiguration
│    │    │ ├  documentation: Defines an agent node in your flow. You specify the agent to invoke at this point in the flow. For more information, see [Node types in Amazon Bedrock works](https://docs.aws.amazon.com/bedrock/latest/userguide/flows-nodes.html) in the Amazon Bedrock User Guide.
│    │    │ │  name: AgentFlowNodeConfiguration
│    │    │ └ properties
│    │    │    └AgentAliasArn: string (required)
│    │    ├[~] type FlowNodeConfiguration
│    │    │ └ properties
│    │    │    ├[+] Agent: AgentFlowNodeConfiguration
│    │    │    ├[+] Collector: json
│    │    │    ├[+] Iterator: json
│    │    │    ├[+] Retrieval: RetrievalFlowNodeConfiguration
│    │    │    └[+] Storage: StorageFlowNodeConfiguration
│    │    ├[+] type FlowValidation
│    │    │ ├  documentation: Contains information about validation of the flow.
│    │    │ │  This data type is used in the following API operations:
│    │    │ │  - [GetFlow response](https://docs.aws.amazon.com/bedrock/latest/APIReference/API_agent_GetFlow.html#API_agent_GetFlow_ResponseSyntax)
│    │    │ │  - [GetFlowVersion response](https://docs.aws.amazon.com/bedrock/latest/APIReference/API_agent_GetFlowVersion.html#API_agent_GetFlowVersion_ResponseSyntax)
│    │    │ │  name: FlowValidation
│    │    │ └ properties
│    │    │    └Message: string (required)
│    │    ├[+] type RetrievalFlowNodeConfiguration
│    │    │ ├  documentation: Contains configurations for a Retrieval node in a flow. This node retrieves data from the Amazon S3 location that you specify and returns it as the output.
│    │    │ │  name: RetrievalFlowNodeConfiguration
│    │    │ └ properties
│    │    │    └ServiceConfiguration: RetrievalFlowNodeServiceConfiguration (required)
│    │    ├[+] type RetrievalFlowNodeS3Configuration
│    │    │ ├  documentation: Contains configurations for the Amazon S3 location from which to retrieve data to return as the output from the node.
│    │    │ │  name: RetrievalFlowNodeS3Configuration
│    │    │ └ properties
│    │    │    └BucketName: string (required)
│    │    ├[+] type RetrievalFlowNodeServiceConfiguration
│    │    │ ├  documentation: Contains configurations for the service to use for retrieving data to return as the output from the node.
│    │    │ │  name: RetrievalFlowNodeServiceConfiguration
│    │    │ └ properties
│    │    │    └S3: RetrievalFlowNodeS3Configuration
│    │    ├[+] type StorageFlowNodeConfiguration
│    │    │ ├  documentation: Contains configurations for a Storage node in a flow. This node stores the input in an Amazon S3 location that you specify.
│    │    │ │  name: StorageFlowNodeConfiguration
│    │    │ └ properties
│    │    │    └ServiceConfiguration: StorageFlowNodeServiceConfiguration (required)
│    │    ├[+] type StorageFlowNodeS3Configuration
│    │    │ ├  documentation: Contains configurations for the Amazon S3 location in which to store the input into the node.
│    │    │ │  name: StorageFlowNodeS3Configuration
│    │    │ └ properties
│    │    │    └BucketName: string (required)
│    │    └[+] type StorageFlowNodeServiceConfiguration
│    │      ├  documentation: Contains configurations for the service to use for storing the input into the node.
│    │      │  name: StorageFlowNodeServiceConfiguration
│    │      └ properties
│    │         └S3: StorageFlowNodeS3Configuration
│    ├[~] resource AWS::Bedrock::FlowVersion
│    │ ├ attributes
│    │ │  └[+] CustomerEncryptionKeyArn: string
│    │ └ types
│    │    ├[+] type AgentFlowNodeConfiguration
│    │    │ ├  documentation: Defines an agent node in your flow. You specify the agent to invoke at this point in the flow. For more information, see [Node types in Amazon Bedrock works](https://docs.aws.amazon.com/bedrock/latest/userguide/flows-nodes.html) in the Amazon Bedrock User Guide.
│    │    │ │  name: AgentFlowNodeConfiguration
│    │    │ └ properties
│    │    │    └AgentAliasArn: string (required)
│    │    ├[~] type FlowNodeConfiguration
│    │    │ └ properties
│    │    │    ├[+] Agent: AgentFlowNodeConfiguration
│    │    │    ├[+] Collector: json
│    │    │    ├[+] Iterator: json
│    │    │    ├[+] Retrieval: RetrievalFlowNodeConfiguration
│    │    │    └[+] Storage: StorageFlowNodeConfiguration
│    │    ├[+] type RetrievalFlowNodeConfiguration
│    │    │ ├  documentation: Contains configurations for a Retrieval node in a flow. This node retrieves data from the Amazon S3 location that you specify and returns it as the output.
│    │    │ │  name: RetrievalFlowNodeConfiguration
│    │    │ └ properties
│    │    │    └ServiceConfiguration: RetrievalFlowNodeServiceConfiguration (required)
│    │    ├[+] type RetrievalFlowNodeS3Configuration
│    │    │ ├  documentation: Contains configurations for the Amazon S3 location from which to retrieve data to return as the output from the node.
│    │    │ │  name: RetrievalFlowNodeS3Configuration
│    │    │ └ properties
│    │    │    └BucketName: string (required)
│    │    ├[+] type RetrievalFlowNodeServiceConfiguration
│    │    │ ├  documentation: Contains configurations for the service to use for retrieving data to return as the output from the node.
│    │    │ │  name: RetrievalFlowNodeServiceConfiguration
│    │    │ └ properties
│    │    │    └S3: RetrievalFlowNodeS3Configuration
│    │    ├[+] type StorageFlowNodeConfiguration
│    │    │ ├  documentation: Contains configurations for a Storage node in a flow. This node stores the input in an Amazon S3 location that you specify.
│    │    │ │  name: StorageFlowNodeConfiguration
│    │    │ └ properties
│    │    │    └ServiceConfiguration: StorageFlowNodeServiceConfiguration (required)
│    │    ├[+] type StorageFlowNodeS3Configuration
│    │    │ ├  documentation: Contains configurations for the Amazon S3 location in which to store the input into the node.
│    │    │ │  name: StorageFlowNodeS3Configuration
│    │    │ └ properties
│    │    │    └BucketName: string (required)
│    │    └[+] type StorageFlowNodeServiceConfiguration
│    │      ├  documentation: Contains configurations for the service to use for storing the input into the node.
│    │      │  name: StorageFlowNodeServiceConfiguration
│    │      └ properties
│    │         └S3: StorageFlowNodeS3Configuration
│    └[~] resource AWS::Bedrock::PromptVersion
│      ├  - tagInformation: undefined
│      │  + tagInformation: {"tagPropertyName":"Tags","variant":"map"}
│      ├ properties
│      │  └[+] Tags: Map<string, string>
│      └ attributes
│         └[+] CustomerEncryptionKeyArn: string
├[~] service aws-chatbot
│ └ resources
│    ├[~] resource AWS::Chatbot::MicrosoftTeamsChannelConfiguration
│    │ └ properties
│    │    └ TeamId: (documentation changed)
│    └[~] resource AWS::Chatbot::SlackChannelConfiguration
│      └ properties
│         └ SlackWorkspaceId: (documentation changed)
├[~] service aws-cloudformation
│ └ resources
│    ├[~] resource AWS::CloudFormation::ModuleVersion
│    │ └ attributes
│    │    ├ Schema: (documentation changed)
│    │    └ Visibility: (documentation changed)
│    ├[~] resource AWS::CloudFormation::PublicTypeVersion
│    │ └ properties
│    │    └ PublicVersionNumber: (documentation changed)
│    ├[~] resource AWS::CloudFormation::Publisher
│    │ └ properties
│    │    └ ConnectionArn: (documentation changed)
│    ├[~] resource AWS::CloudFormation::ResourceVersion
│    │ └ attributes
│    │    ├ ProvisioningType: (documentation changed)
│    │    └ Visibility: (documentation changed)
│    ├[~] resource AWS::CloudFormation::Stack
│    │ └ properties
│    │    ├ NotificationARNs: (documentation changed)
│    │    └ Tags: (documentation changed)
│    ├[~] resource AWS::CloudFormation::StackSet
│    │ └ properties
│    │    └ Tags: (documentation changed)
│    └[~] resource AWS::CloudFormation::TypeActivation
│      └  - documentation: Activates a public third-party extension, making it available for use in stack templates. For more information, see [Using public extensions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/registry-public.html) in the *AWS CloudFormation User Guide* .
│         Once you have activated a public third-party extension in your account and Region, use [SetTypeConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_SetTypeConfiguration.html) to specify configuration properties for the extension. For more information, see [Configuring extensions at the account level](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/registry-private.html#registry-set-configuration) in the *CloudFormation User Guide* .
│         + documentation: Activates a public third-party extension, making it available for use in stack templates. For more information, see [Using public extensions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/registry-public.html) in the *AWS CloudFormation User Guide* .
│         Once you have activated a public third-party extension in your account and Region, use [SetTypeConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_SetTypeConfiguration.html) to specify configuration properties for the extension. For more information, see [Configuring extensions at the account level](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/registry-private.html#registry-set-configuration) in the *AWS CloudFormation User Guide* .
├[~] service aws-datasync
│ └ resources
│    ├[~] resource AWS::DataSync::LocationEFS
│    │ ├ properties
│    │ │  ├ AccessPointArn: (documentation changed)
│    │ │  ├ Ec2Config: (documentation changed)
│    │ │  ├ EfsFilesystemArn: (documentation changed)
│    │ │  ├ FileSystemAccessRoleArn: (documentation changed)
│    │ │  ├ InTransitEncryption: (documentation changed)
│    │ │  └ Subdirectory: (documentation changed)
│    │ └ types
│    │    └[~] type Ec2Config
│    │      └  - documentation: The subnet and security groups that AWS DataSync uses to access your Amazon EFS file system.
│    │         + documentation: The subnet and security groups that AWS DataSync uses to connect to one of your Amazon EFS file system's [mount targets](https://docs.aws.amazon.com/efs/latest/ug/accessing-fs.html) .
│    └[~] resource AWS::DataSync::Task
│      └ types
│         └[~] type TaskSchedule
│           └ properties
│              └ ScheduleExpression: (documentation changed)
├[~] service aws-ec2
│ └ resources
│    ├[~] resource AWS::EC2::NetworkInsightsAnalysis
│    │ └ types
│    │    └[~] type AnalysisRouteTableRoute
│    │      └ properties
│    │         └ destinationPrefixListId: (documentation changed)
│    ├[~] resource AWS::EC2::Subnet
│    │ ├ properties
│    │ │  └[-] Ipv6CidrBlocks: Array<string>
│    │ └ attributes
│    │    └ Ipv6CidrBlocks: (documentation changed)
│    └[~] resource AWS::EC2::VPNConnection
│      └ properties
│         ├[+] LocalIpv4NetworkCidr: string (immutable)
│         ├[+] LocalIpv6NetworkCidr: string (immutable)
│         ├[+] OutsideIpAddressType: string (immutable)
│         ├[+] RemoteIpv4NetworkCidr: string (immutable)
│         ├[+] RemoteIpv6NetworkCidr: string (immutable)
│         ├[+] TransportTransitGatewayAttachmentId: string (immutable)
│         └[+] TunnelInsideIpVersion: string (immutable)
├[~] service aws-ecs
│ └ resources
│    ├[~] resource AWS::ECS::CapacityProvider
│    │ └ types
│    │    └[~] type ManagedScaling
│    │      └ properties
│    │         └ MaximumScalingStepSize: (documentation changed)
│    ├[~] resource AWS::ECS::Service
│    │ └ types
│    │    ├[~] type AwsVpcConfiguration
│    │    │ └ properties
│    │    │    ├ SecurityGroups: (documentation changed)
│    │    │    └ Subnets: (documentation changed)
│    │    ├[~] type DeploymentConfiguration
│    │    │ └ properties
│    │    │    ├ MaximumPercent: (documentation changed)
│    │    │    └ MinimumHealthyPercent: (documentation changed)
│    │    ├[~] type LogConfiguration
│    │    │ └  - documentation: The log configuration for the container. This parameter maps to `LogConfig` in the docker conainer create command and the `--log-driver` option to docker run.
│    │    │    By default, containers use the same logging driver that the Docker daemon uses. However, the container might use a different logging driver than the Docker daemon by specifying a log driver configuration in the container definition.
│    │    │    Understand the following when specifying a log configuration for your containers.
│    │    │    - Amazon ECS currently supports a subset of the logging drivers available to the Docker daemon. Additional log drivers may be available in future releases of the Amazon ECS container agent.
│    │    │    For tasks on AWS Fargate , the supported log drivers are `awslogs` , `splunk` , and `awsfirelens` .
│    │    │    For tasks hosted on Amazon EC2 instances, the supported log drivers are `awslogs` , `fluentd` , `gelf` , `json-file` , `journald` , `syslog` , `splunk` , and `awsfirelens` .
│    │    │    - This parameter requires version 1.18 of the Docker Remote API or greater on your container instance.
│    │    │    - For tasks that are hosted on Amazon EC2 instances, the Amazon ECS container agent must register the available logging drivers with the `ECS_AVAILABLE_LOGGING_DRIVERS` environment variable before containers placed on that instance can use these log configuration options. For more information, see [Amazon ECS container agent configuration](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html) in the *Amazon Elastic Container Service Developer Guide* .
│    │    │    - For tasks that are on AWS Fargate , because you don't have access to the underlying infrastructure your tasks are hosted on, any additional software needed must be installed outside of the task. For example, the Fluentd output aggregators or a remote host running Logstash to send Gelf logs to.
│    │    │    + documentation: The log configuration for the container. This parameter maps to `LogConfig` in the docker container create command and the `--log-driver` option to docker run.
│    │    │    By default, containers use the same logging driver that the Docker daemon uses. However, the container might use a different logging driver than the Docker daemon by specifying a log driver configuration in the container definition.
│    │    │    Understand the following when specifying a log configuration for your containers.
│    │    │    - Amazon ECS currently supports a subset of the logging drivers available to the Docker daemon. Additional log drivers may be available in future releases of the Amazon ECS container agent.
│    │    │    For tasks on AWS Fargate , the supported log drivers are `awslogs` , `splunk` , and `awsfirelens` .
│    │    │    For tasks hosted on Amazon EC2 instances, the supported log drivers are `awslogs` , `fluentd` , `gelf` , `json-file` , `journald` , `syslog` , `splunk` , and `awsfirelens` .
│    │    │    - This parameter requires version 1.18 of the Docker Remote API or greater on your container instance.
│    │    │    - For tasks that are hosted on Amazon EC2 instances, the Amazon ECS container agent must register the available logging drivers with the `ECS_AVAILABLE_LOGGING_DRIVERS` environment variable before containers placed on that instance can use these log configuration options. For more information, see [Amazon ECS container agent configuration](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html) in the *Amazon Elastic Container Service Developer Guide* .
│    │    │    - For tasks that are on AWS Fargate , because you don't have access to the underlying infrastructure your tasks are hosted on, any additional software needed must be installed outside of the task. For example, the Fluentd output aggregators or a remote host running Logstash to send Gelf logs to.
│    │    └[~] type ServiceConnectConfiguration
│    │      └ properties
│    │         └ LogConfiguration: (documentation changed)
│    ├[~] resource AWS::ECS::TaskDefinition
│    │ └ types
│    │    ├[~] type ContainerDefinition
│    │    │ └ properties
│    │    │    ├ Command: (documentation changed)
│    │    │    ├ Cpu: (documentation changed)
│    │    │    ├ DisableNetworking: (documentation changed)
│    │    │    ├ DnsSearchDomains: (documentation changed)
│    │    │    ├ DnsServers: (documentation changed)
│    │    │    ├ DockerLabels: (documentation changed)
│    │    │    ├ DockerSecurityOptions: (documentation changed)
│    │    │    ├ EntryPoint: (documentation changed)
│    │    │    ├ Environment: (documentation changed)
│    │    │    ├ ExtraHosts: (documentation changed)
│    │    │    ├ HealthCheck: (documentation changed)
│    │    │    ├ Hostname: (documentation changed)
│    │    │    ├ Image: (documentation changed)
│    │    │    ├ Interactive: (documentation changed)
│    │    │    ├ Links: (documentation changed)
│    │    │    ├ MemoryReservation: (documentation changed)
│    │    │    ├ MountPoints: (documentation changed)
│    │    │    ├ Name: (documentation changed)
│    │    │    ├ Privileged: (documentation changed)
│    │    │    ├ PseudoTerminal: (documentation changed)
│    │    │    ├ ReadonlyRootFilesystem: (documentation changed)
│    │    │    ├[+] RestartPolicy: RestartPolicy
│    │    │    ├ SystemControls: (documentation changed)
│    │    │    ├ User: (documentation changed)
│    │    │    ├ VolumesFrom: (documentation changed)
│    │    │    └ WorkingDirectory: (documentation changed)
│    │    ├[~] type DockerVolumeConfiguration
│    │    │ └ properties
│    │    │    ├ Driver: (documentation changed)
│    │    │    └ Labels: (documentation changed)
│    │    ├[~] type FSxAuthorizationConfig
│    │    │ ├  - documentation: undefined
│    │    │ │  + documentation: The authorization configuration details for Amazon FSx for Windows File Server file system. See [FSxWindowsFileServerVolumeConfiguration](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_FSxWindowsFileServerVolumeConfiguration.html) in the *Amazon ECS API Reference* .
│    │    │ │  For more information and the input format, see [Amazon FSx for Windows File Server Volumes](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/wfsx-volumes.html) in the *Amazon Elastic Container Service Developer Guide* .
│    │    │ └ properties
│    │    │    ├ CredentialsParameter: (documentation changed)
│    │    │    └ Domain: (documentation changed)
│    │    ├[~] type HealthCheck
│    │    │ └ properties
│    │    │    └ Command: (documentation changed)
│    │    ├[~] type KernelCapabilities
│    │    │ └ properties
│    │    │    ├ Add: (documentation changed)
│    │    │    └ Drop: (documentation changed)
│    │    ├[~] type LinuxParameters
│    │    │ └ properties
│    │    │    └ Devices: (documentation changed)
│    │    ├[+] type RestartPolicy
│    │    │ ├  documentation: You can enable a restart policy for each container defined in your task definition, to overcome transient failures faster and maintain task availability. When you enable a restart policy for a container, Amazon ECS can restart the container if it exits, without needing to replace the task. For more information, see [Restart individual containers in Amazon ECS tasks with container restart policies](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/container-restart-policy.html) in the *Amazon Elastic Container Service Developer Guide* .
│    │    │ │  name: RestartPolicy
│    │    │ └ properties
│    │    │    ├IgnoredExitCodes: Array<integer>
│    │    │    ├RestartAttemptPeriod: integer
│    │    │    └Enabled: boolean
│    │    ├[~] type SystemControl
│    │    │ └  - documentation: A list of namespaced kernel parameters to set in the container. This parameter maps to `Sysctls` in tthe docker conainer create command and the `--sysctl` option to docker run. For example, you can configure `net.ipv4.tcp_keepalive_time` setting to maintain longer lived connections.
│    │    │    We don't recommend that you specify network-related `systemControls` parameters for multiple containers in a single task that also uses either the `awsvpc` or `host` network mode. Doing this has the following disadvantages:
│    │    │    - For tasks that use the `awsvpc` network mode including Fargate, if you set `systemControls` for any container, it applies to all containers in the task. If you set different `systemControls` for multiple containers in a single task, the container that's started last determines which `systemControls` take effect.
│    │    │    - For tasks that use the `host` network mode, the network namespace `systemControls` aren't supported.
│    │    │    If you're setting an IPC resource namespace to use for the containers in the task, the following conditions apply to your system controls. For more information, see [IPC mode](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html#task_definition_ipcmode) .
│    │    │    - For tasks that use the `host` IPC mode, IPC namespace `systemControls` aren't supported.
│    │    │    - For tasks that use the `task` IPC mode, IPC namespace `systemControls` values apply to all containers within a task.
│    │    │    > This parameter is not supported for Windows containers. > This parameter is only supported for tasks that are hosted on AWS Fargate if the tasks are using platform version `1.4.0` or later (Linux). This isn't supported for Windows containers on Fargate.
│    │    │    + documentation: A list of namespaced kernel parameters to set in the container. This parameter maps to `Sysctls` in tthe docker container create command and the `--sysctl` option to docker run. For example, you can configure `net.ipv4.tcp_keepalive_time` setting to maintain longer lived connections.
│    │    │    We don't recommend that you specify network-related `systemControls` parameters for multiple containers in a single task that also uses either the `awsvpc` or `host` network mode. Doing this has the following disadvantages:
│    │    │    - For tasks that use the `awsvpc` network mode including Fargate, if you set `systemControls` for any container, it applies to all containers in the task. If you set different `systemControls` for multiple containers in a single task, the container that's started last determines which `systemControls` take effect.
│    │    │    - For tasks that use the `host` network mode, the network namespace `systemControls` aren't supported.
│    │    │    If you're setting an IPC resource namespace to use for the containers in the task, the following conditions apply to your system controls. For more information, see [IPC mode](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html#task_definition_ipcmode) .
│    │    │    - For tasks that use the `host` IPC mode, IPC namespace `systemControls` aren't supported.
│    │    │    - For tasks that use the `task` IPC mode, IPC namespace `systemControls` values apply to all containers within a task.
│    │    │    > This parameter is not supported for Windows containers. > This parameter is only supported for tasks that are hosted on AWS Fargate if the tasks are using platform version `1.4.0` or later (Linux). This isn't supported for Windows containers on Fargate.
│    │    └[~] type Ulimit
│    │      └ properties
│    │         ├ HardLimit: (documentation changed)
│    │         └ SoftLimit: (documentation changed)
│    └[~] resource AWS::ECS::TaskSet
│      └ types
│         └[~] type AwsVpcConfiguration
│           └ properties
│              ├ SecurityGroups: (documentation changed)
│              └ Subnets: (documentation changed)
├[~] service aws-elasticloadbalancingv2
│ └ resources
│    └[~] resource AWS::ElasticLoadBalancingV2::TargetGroup
│      └ properties
│         └ TargetGroupAttributes: (documentation changed)
├[~] service aws-entityresolution
│ └ resources
│    ├[~] resource AWS::EntityResolution::IdNamespace
│    │ └ types
│    │    └[~] type NamespaceRuleBasedProperties
│    │      └ properties
│    │         └ RecordMatchingModels: (documentation changed)
│    └[~] resource AWS::EntityResolution::MatchingWorkflow
│      ├ properties
│      │  └[+] IncrementalRunConfig: IncrementalRunConfig
│      └ types
│         └[+] type IncrementalRunConfig
│           ├  documentation: An object which defines an incremental run type and has only `incrementalRunType` as a field.
│           │  name: IncrementalRunConfig
│           └ properties
│              └IncrementalRunType: string (required)
├[~] service aws-glue
│ └ resources
│    └[~] resource AWS::Glue::Database
│      └ attributes
│         └[-] Id: string
├[~] service aws-groundstation
│ └ resources
│    ├[~] resource AWS::GroundStation::DataflowEndpointGroup
│    │ └ types
│    │    └[~] type AwsGroundStationAgentEndpoint
│    │      ├  - documentation: undefined
│    │      │  + documentation: Information about AwsGroundStationAgentEndpoint.
│    │      └ properties
│    │         ├ AgentStatus: (documentation changed)
│    │         ├ AuditResults: (documentation changed)
│    │         ├ EgressAddress: (documentation changed)
│    │         ├ IngressAddress: (documentation changed)
│    │         └ Name: (documentation changed)
│    └[~] resource AWS::GroundStation::MissionProfile
│      └ types
│         └[~] type StreamsKmsKey
│           ├  - documentation: undefined
│           │  + documentation: KMS key info.
│           └ properties
│              ├ KmsAliasArn: (documentation changed)
│              └ KmsKeyArn: (documentation changed)
├[~] service aws-guardduty
│ └ resources
│    ├[~] resource AWS::GuardDuty::Filter
│    │ └ properties
│    │    └ DetectorId: (documentation changed)
│    ├[~] resource AWS::GuardDuty::IPSet
│    │ └ properties
│    │    └ DetectorId: (documentation changed)
│    ├[~] resource AWS::GuardDuty::Master
│    │ └ properties
│    │    └ DetectorId: (documentation changed)
│    └[~] resource AWS::GuardDuty::ThreatIntelSet
│      └ properties
│         └ DetectorId: (documentation changed)
├[~] service aws-iotfleetwise
│ └ resources
│    └[~] resource AWS::IoTFleetWise::Campaign
│      └ types
│         ├[~] type DataDestinationConfig
│         │ └ properties
│         │    └[+] MqttTopicConfig: MqttTopicConfig
│         └[+] type MqttTopicConfig
│           ├  name: MqttTopicConfig
│           └ properties
│              ├MqttTopicArn: string (required)
│              └ExecutionRoleArn: string (required)
├[~] service aws-lambda
│ └ resources
│    ├[~] resource AWS::Lambda::Function
│    │ ├  - documentation: The `AWS::Lambda::Function` resource creates a Lambda function. To create a function, you need a [deployment package](https://docs.aws.amazon.com/lambda/latest/dg/gettingstarted-package.html) and an [execution role](https://docs.aws.amazon.com/lambda/latest/dg/lambda-intro-execution-role.html) . The deployment package is a .zip file archive or container image that contains your function code. The execution role grants the function permission to use AWS services, such as Amazon CloudWatch Logs for log streaming and AWS X-Ray for request tracing.
│    │ │  You set the package type to `Image` if the deployment package is a [container image](https://docs.aws.amazon.com/lambda/latest/dg/lambda-images.html) . For a container image, the code property must include the URI of a container image in the Amazon ECR registry. You do not need to specify the handler and runtime properties.
│    │ │  You set the package type to `Zip` if the deployment package is a [.zip file archive](https://docs.aws.amazon.com/lambda/latest/dg/gettingstarted-package.html#gettingstarted-package-zip) . For a .zip file archive, the code property specifies the location of the .zip file. You must also specify the handler and runtime properties. For a Python example, see [Deploy Python Lambda functions with .zip file archives](https://docs.aws.amazon.com/lambda/latest/dg/python-package.html) .
│    │ │  You can use [code signing](https://docs.aws.amazon.com/lambda/latest/dg/configuration-codesigning.html) if your deployment package is a .zip file archive. To enable code signing for this function, specify the ARN of a code-signing configuration. When a user attempts to deploy a code package with `UpdateFunctionCode` , Lambda checks that the code package has a valid signature from a trusted publisher. The code-signing configuration includes a set of signing profiles, which define the trusted publishers for this function.
│    │ │  Note that you configure [provisioned concurrency](https://docs.aws.amazon.com/lambda/latest/dg/provisioned-concurrency.html) on a `AWS::Lambda::Version` or a `AWS::Lambda::Alias` .
│    │ │  For a complete introduction to Lambda functions, see [What is Lambda?](https://docs.aws.amazon.com/lambda/latest/dg/lambda-welcome.html) in the *Lambda developer guide.*
│    │ │  + documentation: The `AWS::Lambda::Function` resource creates a Lambda function. To create a function, you need a [deployment package](https://docs.aws.amazon.com/lambda/latest/dg/gettingstarted-package.html) and an [execution role](https://docs.aws.amazon.com/lambda/latest/dg/lambda-intro-execution-role.html) . The deployment package is a .zip file archive or container image that contains your function code. The execution role grants the function permission to use AWS services, such as Amazon CloudWatch Logs for log streaming and AWS X-Ray for request tracing.
│    │ │  You set the package type to `Image` if the deployment package is a [container image](https://docs.aws.amazon.com/lambda/latest/dg/lambda-images.html) . For these functions, include the URI of the container image in the Amazon ECR registry in the [`ImageUri` property of the `Code` property](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-code.html#cfn-lambda-function-code-imageuri) . You do not need to specify the handler and runtime properties.
│    │ │  You set the package type to `Zip` if the deployment package is a [.zip file archive](https://docs.aws.amazon.com/lambda/latest/dg/gettingstarted-package.html#gettingstarted-package-zip) . For these functions, specify the Amazon S3 location of your .zip file in the `Code` property. Alternatively, for Node.js and Python functions, you can define your function inline in the [`ZipFile` property of the `Code` property](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-code.html#cfn-lambda-function-code-zipfile) . In both cases, you must also specify the handler and runtime properties.
│    │ │  You can use [code signing](https://docs.aws.amazon.com/lambda/latest/dg/configuration-codesigning.html) if your deployment package is a .zip file archive. To enable code signing for this function, specify the ARN of a code-signing configuration. When a user attempts to deploy a code package with `UpdateFunctionCode` , Lambda checks that the code package has a valid signature from a trusted publisher. The code-signing configuration includes a set of signing profiles, which define the trusted publishers for this function.
│    │ │  When you update a `AWS::Lambda::Function` resource, CloudFormation calls the [UpdateFunctionConfiguration](https://docs.aws.amazon.com/lambda/latest/api/API_UpdateFunctionConfiguration.html) and [UpdateFunctionCode](https://docs.aws.amazon.com/lambda/latest/api/API_UpdateFunctionCode.html) Lambda APIs under the hood. Because these calls happen sequentially, and invocations can happen between these calls, your function may encounter errors in the time between the calls. For example, if you remove an environment variable, and the code that references that environment variable in the same CloudFormation update, you may see invocation errors related to a missing environment variable. To work around this, you can invoke your function against a version or alias by default, rather than the `$LATEST` version.
│    │ │  Note that you configure [provisioned concurrency](https://docs.aws.amazon.com/lambda/latest/dg/provisioned-concurrency.html) on a `AWS::Lambda::Version` or a `AWS::Lambda::Alias` .
│    │ │  For a complete introduction to Lambda functions, see [What is Lambda?](https://docs.aws.amazon.com/lambda/latest/dg/lambda-welcome.html) in the *Lambda developer guide.*
│    │ └ properties
│    │    ├ Code: (documentation changed)
│    │    └ KmsKeyArn: (documentation changed)
│    └[~] resource AWS::Lambda::Url
│      └ properties
│         └ TargetFunctionArn: (documentation changed)
├[~] service aws-macie
│ └ resources
│    ├[~] resource AWS::Macie::AllowList
│    │ └ types
│    │    └[~] type Criteria
│    │      └  - documentation: Specifies the criteria for an allow list, which is a list that defines specific text or a text pattern to ignore when inspecting data sources for sensitive data. The criteria can be:
│    │         - The location and name of an Amazon Simple Storage Service ( Amazon S3 ) object that lists specific, predefined text to ignore ( `S3WordsList` ), or
│    │         - A regular expression ( `Regex` ) that defines a text pattern to ignore.
│    │         The criteria must specify either an S3 object or a regular expression. It can't specify both.
│    │         + documentation: Specifies the criteria for an allow list, which is a list that defines specific text or a text pattern to ignore when inspecting data sources for sensitive data. The criteria can be:
│    │         - The location and name of an Amazon Simple Storage Service ( Amazon S3 ) object that lists specific predefined text to ignore ( `S3WordsList` ), or
│    │         - A regular expression ( `Regex` ) that defines a text pattern to ignore.
│    │         The criteria must specify either an S3 object or a regular expression. It can't specify both.
│    └[~] resource AWS::Macie::FindingsFilter
│      ├  - documentation: The `AWS::Macie::FindingsFilter` resource specifies a findings filter. In Amazon Macie , a *findings filter* , also referred to as a *filter rule* , is a set of custom criteria that specifies which findings to include or exclude from the results of a query for findings. The criteria can help you identify and focus on findings that have specific characteristics, such as severity, type, or the name of an affected AWS resource. You can also configure a findings filter to suppress (automatically archive) findings that match the filter's criteria. For more information, see [Filtering findings](https://docs.aws.amazon.com/macie/latest/user/findings-filter-overview.html) in the *Amazon Macie User Guide* .
│      │  An `AWS::Macie::Session` resource must exist for an AWS account before you can create an `AWS::Macie::FindingsFilter` resource for the account. Use a [DependsOn attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) to ensure that an `AWS::Macie::Session` resource is created before other Macie resources are created for an account. For example, `"DependsOn": "Session"` .
│      │  + documentation: The `AWS::Macie::FindingsFilter` resource specifies a findings filter. In Amazon Macie , a *findings filter* , also referred to as a *filter rule* , is a set of custom criteria that specifies which findings to include or exclude from the results of a query for findings. The criteria can help you identify and focus on findings that have specific characteristics, such as severity, type, or the name of an affected AWS resource. You can also configure a findings filter to suppress (automatically archive) findings that match the filter's criteria. For more information, see [Filtering Macie findings](https://docs.aws.amazon.com/macie/latest/user/findings-filter-overview.html) in the *Amazon Macie User Guide* .
│      │  An `AWS::Macie::Session` resource must exist for an AWS account before you can create an `AWS::Macie::FindingsFilter` resource for the account. Use a [DependsOn attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) to ensure that an `AWS::Macie::Session` resource is created before other Macie resources are created for an account. For example, `"DependsOn": "Session"` .
│      └ types
│         ├[~] type CriterionAdditionalProperties
│         │ └  - documentation: Specifies a condition that defines the property, operator, and one or more values to use in a findings filter. A *findings filter* , also referred to as a *filter rule* , is a set of custom criteria that specifies which findings to include or exclude from the results of a query for findings. You can also configure a findings filter to suppress (automatically archive) findings that match the filter's criteria. For more information, see [Filtering findings](https://docs.aws.amazon.com/macie/latest/user/findings-filter-overview.html) in the *Amazon Macie User Guide* .
│         │    + documentation: Specifies a condition that defines the property, operator, and one or more values to use in a findings filter. A *findings filter* , also referred to as a *filter rule* , is a set of custom criteria that specifies which findings to include or exclude from the results of a query for findings. You can also configure a findings filter to suppress (automatically archive) findings that match the filter's criteria. For more information, see [Filtering Macie findings](https://docs.aws.amazon.com/macie/latest/user/findings-filter-overview.html) in the *Amazon Macie User Guide* .
│         └[~] type FindingCriteria
│           └  - documentation: Specifies, as a map, one or more property-based conditions for a findings filter. A *findings filter* , also referred to as a *filter rule* , is a set of custom criteria that specifies which findings to include or exclude from the results of a query for findings. You can also configure a findings filter to suppress (automatically archive) findings that match the filter's criteria. For more information, see [Filtering findings](https://docs.aws.amazon.com/macie/latest/user/findings-filter-overview.html) in the *Amazon Macie User Guide* .
│              + documentation: Specifies, as a map, one or more property-based conditions for a findings filter. A *findings filter* , also referred to as a *filter rule* , is a set of custom criteria that specifies which findings to include or exclude from the results of a query for findings. You can also configure a findings filter to suppress (automatically archive) findings that match the filter's criteria. For more information, see [Filtering Macie findings](https://docs.aws.amazon.com/macie/latest/user/findings-filter-overview.html) in the *Amazon Macie User Guide* .
├[~] service aws-medialive
│ └ resources
│    └[~] resource AWS::MediaLive::Input
│      ├ properties
│      │  └[+] SrtSettings: SrtSettingsRequest
│      └ types
│         ├[+] type SrtCallerDecryptionRequest
│         │ ├  name: SrtCallerDecryptionRequest
│         │ └ properties
│         │    ├Algorithm: string
│         │    └PassphraseSecretArn: string
│         ├[+] type SrtCallerSourceRequest
│         │ ├  name: SrtCallerSourceRequest
│         │ └ properties
│         │    ├SrtListenerPort: string
│         │    ├StreamId: string
│         │    ├MinimumLatency: integer
│         │    ├Decryption: SrtCallerDecryptionRequest
│         │    └SrtListenerAddress: string
│         └[+] type SrtSettingsRequest
│           ├  name: SrtSettingsRequest
│           └ properties
│              └SrtCallerSources: Array<SrtCallerSourceRequest>
├[~] service aws-mediapackagev2
│ └ resources
│    └[~] resource AWS::MediaPackageV2::OriginEndpoint
│      └ properties
│         └ ContainerType: - string
│                          + string (required)
├[~] service aws-neptune
│ └ resources
│    └[~] resource AWS::Neptune::DBCluster
│      └ properties
│         ├ KmsKeyId: (documentation changed)
│         └ StorageEncrypted: (documentation changed)
├[~] service aws-opensearchservice
│ └ resources
│    └[~] resource AWS::OpenSearchService::Domain
│      ├ properties
│      │  └[+] SkipShardMigrationWait: boolean
│      └ types
│         ├[~] type AdvancedSecurityOptionsInput
│         │ └ properties
│         │    └[+] JWTOptions: JWTOptions
│         └[+] type JWTOptions
│           ├  name: JWTOptions
│           └ properties
│              ├Enabled: boolean
│              ├PublicKey: string
│              ├SubjectKey: string
│              └RolesKey: string
├[+] service aws-pcaconnectorscep
│ ├  capitalized: PCAConnectorSCEP
│ │  cloudFormationNamespace: AWS::PCAConnectorSCEP
│ │  name: aws-pcaconnectorscep
│ │  shortName: pcaconnectorscep
│ └ resources
│    ├resource AWS::PCAConnectorSCEP::Challenge
│    │├  name: Challenge
│    ││  cloudFormationType: AWS::PCAConnectorSCEP::Challenge
│    ││  documentation: Represents a SCEP Challenge that is used for certificate enrollment
│    ││  tagInformation: {"tagPropertyName":"Tags","variant":"map"}
│    │├ properties
│    ││  ├ConnectorArn: string (required, immutable)
│    ││  └Tags: Map<string, string>
│    │└ attributes
│    │   └ChallengeArn: string
│    └resource AWS::PCAConnectorSCEP::Connector
│     ├  name: Connector
│     │  cloudFormationType: AWS::PCAConnectorSCEP::Connector
│     │  documentation: Represents a Connector that allows certificate issuance through Simple Certificate Enrollment Protocol (SCEP)
│     │  tagInformation: {"tagPropertyName":"Tags","variant":"map"}
│     ├ properties
│     │  ├CertificateAuthorityArn: string (required, immutable)
│     │  ├MobileDeviceManagement: MobileDeviceManagement (immutable)
│     │  └Tags: Map<string, string>
│     ├ attributes
│     │  ├ConnectorArn: string
│     │  ├Endpoint: string
│     │  ├OpenIdConfiguration: OpenIdConfiguration
│     │  └Type: string
│     └ types
│        ├type MobileDeviceManagement
│        │├  name: MobileDeviceManagement
│        │└ properties
│        │   └Intune: IntuneConfiguration (required)
│        ├type IntuneConfiguration
│        │├  name: IntuneConfiguration
│        │└ properties
│        │   ├AzureApplicationId: string (required)
│        │   └Domain: string (required)
│        └type OpenIdConfiguration
│         ├  name: OpenIdConfiguration
│         └ properties
│            ├Issuer: string
│            ├Subject: string
│            └Audience: string
├[~] service aws-personalize
│ └ resources
│    └[~] resource AWS::Personalize::Solution
│      └  - documentation: > After you create a solution, you can’t change its configuration. By default, all new solutions use automatic training. With automatic training, you incur training costs while your solution is active. You can't stop automatic training for a solution. To avoid unnecessary costs, make sure to delete the solution when you are finished. For information about training costs, see [Amazon Personalize #](https://docs.aws.amazon.com/https://aws.amazon.com/personalize/#/) . 
│         An object that provides information about a solution. A solution includes the custom recipe, customized parameters, and trained models (Solution Versions) that Amazon Personalize uses to generate recommendations.
│         After you create a solution, you can’t change its configuration. If you need to make changes, you can [clone the solution](https://docs.aws.amazon.com/personalize/latest/dg/cloning-solution.html) with the Amazon Personalize console or create a new one.
│         + documentation: > By default, all new solutions use automatic training. With automatic training, you incur training costs while your solution is active. To avoid unnecessary costs, when you are finished you can [update the solution](https://docs.aws.amazon.com/personalize/latest/dg/API_UpdateSolution.html) to turn off automatic training. For information about training costs, see [Amazon Personalize #](https://docs.aws.amazon.com/https://aws.amazon.com/personalize/#/) . 
│         An object that provides information about a solution. A solution includes the custom recipe, customized parameters, and trained models (Solution Versions) that Amazon Personalize uses to generate recommendations.
│         After you create a solution, you can’t change its configuration. If you need to make changes, you can [clone the solution](https://docs.aws.amazon.com/personalize/latest/dg/cloning-solution.html) with the Amazon Personalize console or create a new one.
├[~] service aws-pipes
│ └ resources
│    └[~] resource AWS::Pipes::Pipe
│      └ types
│         ├[~] type PipeSourceDynamoDBStreamParameters
│         │ └ properties
│         │    ├ MaximumRecordAgeInSeconds: (documentation changed)
│         │    ├ MaximumRetryAttempts: (documentation changed)
│         │    ├ OnPartialBatchItemFailure: (documentation changed)
│         │    └ ParallelizationFactor: (documentation changed)
│         ├[~] type PipeSourceKinesisStreamParameters
│         │ └ properties
│         │    ├ MaximumRecordAgeInSeconds: (documentation changed)
│         │    ├ MaximumRetryAttempts: (documentation changed)
│         │    ├ OnPartialBatchItemFailure: (documentation changed)
│         │    ├ ParallelizationFactor: (documentation changed)
│         │    └ StartingPosition: (documentation changed)
│         ├[~] type PipeSourceManagedStreamingKafkaParameters
│         │ └ properties
│         │    └ StartingPosition: (documentation changed)
│         └[~] type PipeSourceSelfManagedKafkaParameters
│           └ properties
│              ├ AdditionalBootstrapServers: - Array<string>
│              │                             + Array<string> (immutable)
│              ├ ConsumerGroupID: - string
│              │                  + string (immutable)
│              ├ StartingPosition: - string
│              │                   + string (immutable)
│              │                   (documentation changed)
│              └ TopicName: - string (required)
│                           + string (required, immutable)
├[~] service aws-qbusiness
│ └ resources
│    ├[~] resource AWS::QBusiness::Application
│    │ ├ properties
│    │ │  ├[+] AutoSubscriptionConfiguration: AutoSubscriptionConfiguration
│    │ │  ├[+] ClientIdsForOIDC: Array<string> (immutable)
│    │ │  ├[+] IamIdentityProviderArn: string (immutable)
│    │ │  ├[+] IdentityType: string (immutable)
│    │ │  ├[+] PersonalizationConfiguration: PersonalizationConfiguration
│    │ │  └ QAppsConfiguration: (documentation changed)
│    │ └ types
│    │    ├[+] type AutoSubscriptionConfiguration
│    │    │ ├  documentation: Subscription configuration information for an Amazon Q Business application using IAM identity federation for user management.
│    │    │ │  name: AutoSubscriptionConfiguration
│    │    │ └ properties
│    │    │    ├AutoSubscribe: string (required)
│    │    │    └DefaultSubscriptionType: string
│    │    ├[+] type PersonalizationConfiguration
│    │    │ ├  documentation: Configuration information about chat response personalization. For more information, see [Personalizing chat responses](https://docs.aws.amazon.com/amazonq/latest/qbusiness-ug/personalizing-chat-responses.html) .
│    │    │ │  name: PersonalizationConfiguration
│    │    │ └ properties
│    │    │    └PersonalizationControlMode: string (required)
│    │    └[~] type QAppsConfiguration
│    │      └  - documentation: Configuration information about Amazon Q Apps. (preview feature)
│    │         + documentation: Configuration information about Amazon Q Apps.
│    └[~] resource AWS::QBusiness::WebExperience
│      ├ properties
│      │  └[+] IdentityProviderConfiguration: IdentityProviderConfiguration
│      └ types
│         ├[+] type IdentityProviderConfiguration
│         │ ├  documentation: Provides information about the identity provider (IdP) used to authenticate end users of an Amazon Q Business web experience.
│         │ │  name: IdentityProviderConfiguration
│         │ └ properties
│         │    ├SamlConfiguration: SamlProviderConfiguration
│         │    └OpenIDConnectConfiguration: OpenIDConnectProviderConfiguration
│         ├[+] type OpenIDConnectProviderConfiguration
│         │ ├  documentation: Information about the OIDC-compliant identity provider (IdP) used to authenticate end users of an Amazon Q Business web experience.
│         │ │  name: OpenIDConnectProviderConfiguration
│         │ └ properties
│         │    ├SecretsArn: string (required)
│         │    └SecretsRole: string (required)
│         └[+] type SamlProviderConfiguration
│           ├  documentation: Information about the SAML 2.0-compliant identity provider (IdP) used to authenticate end users of an Amazon Q Business web experience.
│           │  name: SamlProviderConfiguration
│           └ properties
│              └AuthenticationUrl: string (required)
├[~] service aws-quicksight
│ └ resources
│    ├[~] resource AWS::QuickSight::Analysis
│    │ └ types
│    │    ├[+] type CategoryInnerFilter
│    │    │ ├  documentation: A `CategoryInnerFilter` filters text values for the `NestedFilter` .
│    │    │ │  name: CategoryInnerFilter
│    │    │ └ properties
│    │    │    ├Configuration: CategoryFilterConfiguration (required)
│    │    │    ├Column: ColumnIdentifier (required)
│    │    │    └DefaultFilterControlConfiguration: DefaultFilterControlConfiguration
│    │    ├[~] type ColumnTooltipItem
│    │    │ └ properties
│    │    │    └[+] TooltipTarget: string
│    │    ├[~] type FieldTooltipItem
│    │    │ └ properties
│    │    │    └[+] TooltipTarget: string
│    │    ├[~] type Filter
│    │    │ └ properties
│    │    │    └[+] NestedFilter: NestedFilter
│    │    ├[+] type InnerFilter
│    │    │ ├  documentation: The `InnerFilter` defines the subset of data to be used with the `NestedFilter` .
│    │    │ │  name: InnerFilter
│    │    │ └ properties
│    │    │    └CategoryInnerFilter: CategoryInnerFilter
│    │    ├[~] type LineChartConfiguration
│    │    │ └ properties
│    │    │    └[+] SingleAxisOptions: SingleAxisOptions
│    │    ├[+] type NestedFilter
│    │    │ ├  documentation: A `NestedFilter` filters data with a subset of data that is defined by the nested inner filter.
│    │    │ │  name: NestedFilter
│    │    │ └ properties
│    │    │    ├Column: ColumnIdentifier (required)
│    │    │    ├InnerFilter: InnerFilter (required)
│    │    │    ├IncludeInnerSet: boolean (required, default=false)
│    │    │    └FilterId: string (required)
│    │    └[+] type SingleAxisOptions
│    │      └  name: SingleAxisOptions
│    ├[~] resource AWS::QuickSight::Dashboard
│    │ └ types
│    │    ├[+] type CategoryInnerFilter
│    │    │ ├  documentation: A `CategoryInnerFilter` filters text values for the `NestedFilter` .
│    │    │ │  name: CategoryInnerFilter
│    │    │ └ properties
│    │    │    ├Configuration: CategoryFilterConfiguration (required)
│    │    │    ├Column: ColumnIdentifier (required)
│    │    │    └DefaultFilterControlConfiguration: DefaultFilterControlConfiguration
│    │    ├[~] type ColumnTooltipItem
│    │    │ └ properties
│    │    │    └[+] TooltipTarget: string
│    │    ├[~] type FieldTooltipItem
│    │    │ └ properties
│    │    │    └[+] TooltipTarget: string
│    │    ├[~] type Filter
│    │    │ └ properties
│    │    │    └[+] NestedFilter: NestedFilter
│    │    ├[+] type InnerFilter
│    │    │ ├  documentation: The `InnerFilter` defines the subset of data to be used with the `NestedFilter` .
│    │    │ │  name: InnerFilter
│    │    │ └ properties
│    │    │    └CategoryInnerFilter: CategoryInnerFilter
│    │    ├[~] type LineChartConfiguration
│    │    │ └ properties
│    │    │    └[+] SingleAxisOptions: SingleAxisOptions
│    │    ├[+] type NestedFilter
│    │    │ ├  documentation: A `NestedFilter` filters data with a subset of data that is defined by the nested inner filter.
│    │    │ │  name: NestedFilter
│    │    │ └ properties
│    │    │    ├Column: ColumnIdentifier (required)
│    │    │    ├InnerFilter: InnerFilter (required)
│    │    │    ├IncludeInnerSet: boolean (required, default=false)
│    │    │    └FilterId: string (required)
│    │    └[+] type SingleAxisOptions
│    │      └  name: SingleAxisOptions
│    └[~] resource AWS::QuickSight::Template
│      └ types
│         ├[+] type CategoryInnerFilter
│         │ ├  documentation: A `CategoryInnerFilter` filters text values for the `NestedFilter` .
│         │ │  name: CategoryInnerFilter
│         │ └ properties
│         │    ├Configuration: CategoryFilterConfiguration (required)
│         │    ├Column: ColumnIdentifier (required)
│         │    └DefaultFilterControlConfiguration: DefaultFilterControlConfiguration
│         ├[~] type ColumnTooltipItem
│         │ └ properties
│         │    └[+] TooltipTarget: string
│         ├[~] type FieldTo

@aws-cdk-automation aws-cdk-automation added auto-approve contribution/core This is a PR that came from AWS. dependencies This issue is a problem in a dependency or a pull request that updates a dependency file. pr-linter/exempt-readme The PR linter will not require README changes pr-linter/exempt-test The PR linter will not require test changes pr-linter/exempt-integ-test The PR linter will not require integ test changes labels Sep 8, 2024
@aws-cdk-automation aws-cdk-automation requested a review from a team September 8, 2024 01:43
@aws-cdk-automation aws-cdk-automation requested a review from a team September 8, 2024 01:44
@github-actions github-actions bot added the p2 label Sep 8, 2024
@moelasmar moelasmar added the pr/do-not-merge This PR should not be merged at this time. label Sep 8, 2024
@aws-cdk-automation aws-cdk-automation added the pr/needs-maintainer-review This PR needs a review from a Core Team Member label Sep 8, 2024
Updates the L1 CloudFormation resource definitions with the latest changes from `@aws-cdk/aws-service-spec`
@Leo10Gama Leo10Gama removed the pr/do-not-merge This PR should not be merged at this time. label Sep 9, 2024
Copy link
Contributor

mergify bot commented Sep 9, 2024

Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

@aws-cdk-automation
Copy link
Collaborator Author

AWS CodeBuild CI Report

  • CodeBuild project: AutoBuildv2Project1C6BFA3F-wQm2hXv2jqQv
  • Commit ID: be5594c
  • Result: SUCCEEDED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

@mergify mergify bot merged commit bc4dbfd into main Sep 9, 2024
11 of 12 checks passed
Copy link
Contributor

mergify bot commented Sep 9, 2024

Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

@mergify mergify bot deleted the automation/spec-update branch September 9, 2024 23:34
Copy link

github-actions bot commented Sep 9, 2024

Comments on closed issues and PRs are hard for our team to see.
If you need help, please open a new issue that references this one.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Sep 9, 2024
# for free to subscribe to this conversation on GitHub. Already have an account? #.
Labels
auto-approve contribution/core This is a PR that came from AWS. dependencies This issue is a problem in a dependency or a pull request that updates a dependency file. p2 pr/needs-maintainer-review This PR needs a review from a Core Team Member pr-linter/exempt-integ-test The PR linter will not require integ test changes pr-linter/exempt-readme The PR linter will not require README changes pr-linter/exempt-test The PR linter will not require test changes
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants